445/68 Wednesday, November 5, 2025

Balancer Protocol, a decentralized finance (DeFi) platform built on the Ethereum blockchain, disclosed that it was exploited through a vulnerability in its Balancer v2 Pools, resulting in losses exceeding $128 million USD (approximately 4.7 billion THB). Balancer operates as an Automated Market Maker (AMM) and liquidity infrastructure platform, allowing users to deposit assets, perform swaps, and earn transaction fees. Its native governance token, BAL, had a market capitalization of around $65 million prior to the incident.
The attack affected only V2 Composable Stable Pools and did not impact other pool versions such as V3. Initial analysis by GoPlus Security suggests that the exploit stemmed from a precision rounding error in the calculation logic of the Vault swap function. The attacker repeatedly executed batch swaps, accumulating the tiny discrepancy left by each transaction until a major price distortion occurred. Other researchers, including Aditya Bajaj, believe the attack may have resulted from weak authorization and callback handling within Balancer V2, enabling the attacker to manipulate functions and alter balances between pools without authorization.
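
The rounding hypothesis above can be illustrated with a toy model. The following is an added example, not Balancer's code or part of the original report: it assumes a two-token constant-product pool with constructed integer balances, and the names `swap`, `round_trips` and `invariant_never_decreases` are hypothetical. It shows how the rounding direction of a swap output decides whether repeated small swaps can erode the pool invariant, and the property check a pool test suite would enforce.

```python
# Toy two-token constant-product pool with integer balances (constructed model,
# not Balancer's stable-pool math). Shows how rounding direction decides
# whether repeated small swaps can erode the pool invariant k = x * y.

def swap(pool, token_in, amount_in, round_out_up):
    """Swap amount_in of token_in into the pool; return the amount paid out."""
    token_out = "y" if token_in == "x" else "x"
    numerator = pool[token_out] * amount_in
    denominator = pool[token_in] + amount_in
    if round_out_up:
        amount_out = -(-numerator // denominator)   # weak: rounds for the trader
    else:
        amount_out = numerator // denominator       # hardened: rounds for the pool
    pool[token_in] += amount_in
    pool[token_out] -= amount_out
    return amount_out


def round_trips(round_out_up, trips, unit=1):
    """Run `trips` x->y->x round trips; return trader delta and invariant log."""
    pool = {"x": 10, "y": 10}          # constructed sample balances
    trader_x = 0
    invariants = [pool["x"] * pool["y"]]
    for _ in range(trips):
        got_y = swap(pool, "x", unit, round_out_up)
        got_x = swap(pool, "y", got_y, round_out_up)
        trader_x += got_x - unit
        invariants.append(pool["x"] * pool["y"])
    return trader_x, invariants


def invariant_never_decreases(invariants):
    """Property a pool test suite should enforce after every swap sequence."""
    return all(b >= a for a, b in zip(invariants, invariants[1:]))


if __name__ == "__main__":
    for mode in (True, False):
        delta, inv = round_trips(mode, trips=3)
        print("round_out_up=%s trader_x=%+d invariants=%s ok=%s"
              % (mode, delta, inv, invariant_never_decreases(inv)))
```

When outputs round toward the pool, the invariant can only grow and a round trip never returns more than was put in; a monotonic-invariant assertion of this kind, run over randomized swap sequences, is the regression check that catches a rounding-direction mistake.
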
While Balancer’s team and security researchers were investigating, an unknown party impersonated Balancer and contacted the hacker, offering a “white-hat bounty” of 20% of the stolen assets. The message turned out to be a phishing attempt, crafted to look legitimate with convincing language and detailed instructions, attempting to exploit the situation further as Balancer dealt with massive asset losses.
The Balancer hack is considered one of the largest crypto thefts of 2025. Although no official suspects have been identified, experts warn that organized threat actors continue to pose a significant risk to the global DeFi ecosystem, with billions in stolen crypto recorded since early 2025.
