Balancer Protocol has confirmed a massive security breach that drained more than $128 million from its V2 pools.
The decentralized finance (DeFi) platform, built on the Ethereum blockchain, allows users to trade and provide liquidity through flexible token pools.
The team announced that the exploit occurred at 7:48 AM UTC, specifically affecting Balancer’s V2 Composable Stable Pools. Other pools, including those from the upcoming V3 version, remain unaffected. Balancer said it is working with top security researchers to fully understand what happened and will release a detailed report soon.
Preliminary findings suggest the attack may have been caused by a precision rounding error in the system’s vault calculations. This small flaw allowed the attacker to exploit rounding discrepancies during token swaps, turning minor calculation differences into a major financial loss. By repeatedly chaining swap operations, the hacker managed to amplify the rounding errors until they distorted token prices and drained funds.
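The class of flaw described above can be checked for with an invariant test. The following is an added example, not Balancer's code: it uses a constructed toy constant-product pool (x * y = k) with integer balances rather than Balancer's stable-pool math, and all function names and values are assumptions made for illustration. It counts how often a sequence of swaps lowers the pool invariant under each rounding direction.

```python
"""Toy constant-product pool with integer balances (constructed model)."""


def amount_out(bal_in, bal_out, amt_in, round_up):
    """Tokens paid out for amt_in, using integer arithmetic only."""
    num = bal_out * amt_in
    den = bal_in + amt_in
    # Floor division rounds in the pool's favour; ceiling rounds in the
    # trader's favour, which is the unsafe direction for an output amount.
    return -(-num // den) if round_up else num // den


def run_swaps(x, y, swaps, round_up):
    """Apply swaps [(side, amount)] and count invariant decreases.

    Returns (final_x, final_y, drops), where drops is the number of swaps
    after which x * y was lower than before the swap.
    """
    drops = 0
    for side, amt in swaps:
        k_before = x * y
        if side == "x":          # trader deposits X, withdraws Y
            out = amount_out(x, y, amt, round_up)
            x, y = x + amt, y - out
        else:                    # trader deposits Y, withdraws X
            out = amount_out(y, x, amt, round_up)
            x, y = x - out, y + amt
        if x * y < k_before:     # a fee-less swap must never lower k
            drops += 1
    return x, y, drops


# Constructed sample input: small balances and repeated 1-unit round trips.
START_X, START_Y = 1000, 1000
SWAPS = [("x", 1), ("y", 1)] * 100

if __name__ == "__main__":
    for label, up in (("round down (pool-favouring)", False),
                      ("round up (trader-favouring)", True)):
        fx, fy, drops = run_swaps(START_X, START_Y, SWAPS, up)
        print(f"{label}: x={fx} y={fy} k={fx * fy} invariant drops={drops}")
```

With output amounts rounded down, the invariant never decreases; with them rounded up, the same swap sequence leaves the pool holding less value than it started with.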
However, some blockchain experts believe the breach might instead have been caused by improper authorization during the pool’s initialization process. According to researcher Aditya Bajaj, a malicious contract was used to manipulate vault calls and bypass safety checks, enabling unauthorized transactions across connected pools.
While the cause is still under investigation, Balancer has warned users to be alert for phishing and scam attempts. Shortly after the hack, an impersonator pretending to be Balancer offered the attacker a fake “white-hat bounty” of 20% of the stolen funds in exchange for returning the rest. The message was designed to look official and even included threats about law enforcement tracking, making it appear credible to outsiders.
Balancer V2 had previously undergone 11 security audits since 2021, but this incident has reignited debate about the safety of even well-audited DeFi systems. The breach now ranks among the largest cryptocurrency hacks of 2025.
There is no confirmed link to any hacking group, but experts note that North Korean cybercriminals remain one of the biggest threats to the DeFi ecosystem. As of early October, North Korea-linked hackers had stolen more than $2 billion in crypto this year alone, including $1.5 billion from the Bybit attack in February.





