Hackers Steal $128 Million In Major Balancer Crypto Heist

Hackers have stolen more than $120 million worth of digital assets in a single attack from Balancer, a leading Ethereum-based decentralized finance (DeFi) platform, in one of the biggest crypto hacks of 2025.

Balancer, which lets users trade and earn from crypto liquidity pools, confirmed early Monday that its V2 pools were exploited. The breach was detected around 7:48 AM UTC, and while the team says the issue has been contained, losses have already crossed $128 million, according to blockchain analytics firms.

“This issue is isolated to V2 Composable Stable Pools and does not impact Balancer V3 or other Balancer pools. We are working closely with our security and legal teams to ensure user safety and are conducting a swift & thorough investigation,” Balancer wrote in a statement on X (formerly Twitter).

“Our engineers and security specialists are investigating as a priority. We will share verified information and next steps immediately, as soon as we have additional data.”

What Happened

Security experts believe the attack exploited a flaw in Balancer’s core vault system, the smart contract that manages user balances and token swaps.

According to blockchain security firm GoPlus, a rounding error in swap calculations may have created small losses on each swap, which the attacker could amplify through repeated “batchSwap” operations to distort prices and siphon funds.

However, cybersecurity researcher Aditya Bajaj has offered a different take on the incident. He suggests the flaw may stem from improper authorization and callback handling within Balancer’s V2 vaults.

According to Bajaj, the attacker deployed a malicious smart contract that tampered with vault calls during pool initialization, allowing them to bypass safety checks and perform unauthorized swaps across interconnected pools.

At the time of writing, Balancer has not confirmed this version. However, it has promised to share more details about the hack and a full post-mortem as soon as possible.

Before the hack, Balancer managed over $775 million in total assets, according to DefiLlama. Its native token, BAL, plunged by more than 11% after the exploit.

Scammers Add To The Chaos

In the chaos that followed, scammers impersonated Balancer online through a fake Balancer account, pretending to offer the hacker a “white-hat bounty”: a supposed 20% reward if they returned the remaining stolen funds.

The message, which mimicked Balancer’s tone and branding, even threatened legal action if the hacker refused, but it was later confirmed to be a phishing scam aimed at tricking unsuspecting users into sending funds or revealing wallet details.

Balancer has since warned the public to ignore unofficial messages and said that all verified updates will appear only on its official X account and Discord server.

What Next

While investigations continue, the Balancer breach shows how vulnerable decentralized finance platforms can be and how sophisticated the attacks targeting them have become. The incident highlights the need for stronger on-chain authorization checks and real-time contract monitoring. Until Balancer publishes its post-mortem, the crypto community is left waiting and watching closely.

 

Kavita Iyer