More than $100 million stolen in exploit of Balancer DeFi protocol
Summary
Hackers exploited the Balancer decentralized finance (DeFi) protocol on Monday, with security firms tracking losses of more than $120 million, at least $99 million of that in ETH. The breach has been attributed to compromised access control mechanisms. Balancer said it is investigating, has paused every pool that could be paused and has put affected pools into recovery mode. It also warned users about fraudulent messages purporting to be from its security team.
Key Points
- Security firms estimate over $120 million stolen; roughly $99 million in ETH.
- Attack traced to faulty or compromised access control systems within Balancer.
- Balancer paused pausable pools and moved them into recovery mode; not all related platforms could be paused unilaterally.
- Associated organisations such as Berachain halted networks and froze some stolen funds; other platforms (Gnosis, Sonic, Beefy) also took emergency measures.
- Balancer has had prior minor incidents and roughly ten security audits, but the exploit still succeeded.
- Context: more than $2 billion was stolen from crypto in H1 2025, with reports attributing at least $1.65 billion of thefts to North Korean-linked actors between January and September 2025.
Content summary
The incident unfolded early on Monday; Balancer is working with security and legal teams and plans to publish a post-mortem. Several ecosystem partners reacted quickly — Berachain paused its network and was able to freeze some funds, while other platforms implemented protective measures. Balancer also cautioned users about scam communications claiming to be from its security staff. The attack adds to a wave of high-value DeFi thefts this year and underscores persistent vulnerabilities despite repeated audits and bug bounties.
Context and relevance
This breach is significant for anyone following DeFi or crypto security. Large protocol exploits shake user confidence, can ripple across liquidity providers and connected platforms, and often trigger emergency responses such as chain halts or fund freezes. It also feeds into broader concerns about state-linked criminal groups monetising stolen crypto — a trend highlighted by recent multinational reports linking major thefts to North Korean actors.
Why should I read this?
Quick, direct and messy — if you care about DeFi safety, your money or whether a protocol you use could be next, this is worth five minutes. It shows how even well-audited platforms can be hit, who’s scrambling to contain the damage, and how the fallout might affect liquidity and trust across the sector.
Source
https://therecord.media/crypto-heist-balancer-exploit
