DeFi Protocol Balancer Hacked — $88M Stolen Across Multiple Chains
The decentralized finance platform Balancer has fallen victim to one of the largest DeFi hacks of 2025. Cybercriminals drained an estimated $88 million worth of digital assets from the protocol’s vaults, spreading the attack across several blockchains in real time.
Ongoing attack and multi-chain impact
According to blockchain security firm PeckShield, the exploit remains active, with attackers targeting pools on multiple networks where Balancer is deployed. Data from Etherscan confirms a series of suspicious outgoing transactions from Balancer’s official addresses to newly created wallets.
Preliminary on-chain analysis by Nansen revealed that in just three transactions, hackers transferred approximately $70.9 million in assets, including:
6 850 StakeWise Staked ETH (OSETH) 6 590 Wrapped Ethereum (WETH) — roughly $24.5 million 4 260 Lido wstETH (wSTETH)The mechanics of the exploit
While Balancer’s developers have yet to publish an official post-mortem, early indicators point to a vulnerability in the vault contract interaction layer — the component responsible for synchronizing liquidity pools across different chains. PeckShield analysts believe attackers exploited an unchecked call that allowed unauthorized asset redirection through a flash loan-based sequence.
This method, frequently seen in multi-chain exploits, bypasses basic security guards by rapidly moving collateral between blockchains faster than oracles can update their price feeds. The technique effectively “confuses” automated pool logic into releasing more funds than it should.
Investigation and containment efforts
Balancer’s core team has confirmed via its official X account that emergency procedures have been activated, including suspension of affected pools and coordination with major exchanges to flag the attacker’s wallets. “We are aware of the exploit and working to contain it. Users are advised not to interact with compromised pools,” the team stated.
Security firms — including SlowMist and CertiK — have joined the investigation. Their preliminary findings suggest that the same exploit route was used to move funds through Ethereum, Arbitrum, and Base networks. Several stolen assets have already been bridged into mixing protocols, complicating recovery attempts.
DeFi community reaction
The incident reignites debate about the fragility of decentralized finance platforms. Despite billions in total value locked (TVL), DeFi protocols remain vulnerable to contract exploits, especially those relying on cross-chain communication.
Community members have expressed frustration that Balancer — a leading liquidity protocol with multiple audits — could still fall victim to such an attack. “Cross-chain composability is both DeFi’s greatest strength and its weakest link,” wrote blockchain researcher Anton Nevsky. “The more protocols interconnect, the more points of failure they expose.”
Financial and reputational damage
The estimated loss of $88 million makes this one of the top five DeFi hacks of 2025. Analysts warn that Balancer’s reputation and liquidity depth may suffer lasting consequences, especially if compensation mechanisms are not promptly introduced.
Investors are closely monitoring the protocol’s native governance token, BAL, which dropped by over 17% in the hours following news of the exploit. Meanwhile, insurance providers within the DeFi space — such as Nexus Mutual — are assessing potential claim volumes related to affected users.
Conclusion
The Balancer hack underscores the persistent security challenges of decentralized finance, where even established platforms face existential risks from sophisticated cross-chain exploits. As regulators and developers push for greater accountability, the question remains whether DeFi can evolve beyond its experimental phase without sacrificing its core principle — trustless autonomy.
Editorial Team — CoinBotLab