Incident Overview

Balancer has confirmed a sophisticated exploit targeting its V2 Composable Stable Pools, resulting in the loss of approximately $116 million in assets. The incident, which occurred on November 5, 2025, primarily affected a range of tokens including WETH, wstETH, osETH, frxETH, and rETH.

Impact on Balancer and BAL Token

The exploit has led to a significant downturn in the price of the BAL token and a notable decrease in the Total Value Locked (TVL) on the Balancer platform. This event highlights ongoing security vulnerabilities within the decentralized finance (DeFi) ecosystem.

Technical Details and Affected Pools

Balancer's security team released a preliminary post-mortem detailing the incident. The hack specifically targeted V2 Composable Stable Pools. The platform has confirmed that pools capable of being paused have been halted and are now in recovery mode. Balancer emphasized that the exploit was isolated to these V2 pools, and Balancer V3 and all other pools remain unaffected and stable.

Financial Losses and Network Outflows

The estimated financial impact of the exploit stands at $116 million in lost assets. Outflows were observed across Ethereum Mainnet and associated networks such as Base and Polygon. Balancer has stated that preventive measures are being reviewed and enhanced.

Recovery Efforts and Future Security Measures

A collaborative effort involving security researchers and legal teams is underway to trace the on-chain movements of the stolen assets and explore possibilities for recovery. Balancer has indicated plans to implement more robust security protocols in the future to mitigate similar incidents.

Broader Implications for DeFi

The Balancer incident is likely to draw increased attention to regulatory scrutiny and technology assessments within the DeFi space. This event echoes past challenges faced by other DeFi protocols, such as Velocore's exploit in 2024, underscoring the continuous demand for improved security practices across the industry.