Balancer Protocol Reels from Devastating Multi-Million Dollar Security Breach
The decentralized finance platform Balancer is confronting a severe security incident, as on-chain analytics reveal the unauthorized siphoning of substantial digital assets to a new address.
Furedata - The Balancer protocol, a prominent automated market maker, has experienced an apparent security breach. Initial reports indicated around $70 million was compromised, but subsequent analyses suggest the total losses may now exceed $116 million.
On-chain data confirms the movement of large quantities of liquid staked Ether tokens. The transfers included 6,850 osETH, 6,590 WETH, and 4,260 wstETH, all illicitly funneled into a newly established cryptocurrency wallet.
Blockchain intelligence firm Nansen first highlighted the suspicious transfers. Other security analysts, including Cyvers and Lookonchain, later reported escalating figures, estimating the total exploit value at between $84 million and $116.6 million across multiple chains.
The breach originated from a faulty access control mechanism within the "manageUserBalance" function. Information from Cointelegraph (November, 2025), explains this logic flaw permitted attackers to execute unauthorized internal withdrawals by exploiting a specific operational command without proper permissions.
The exploit’s impact was not isolated, affecting Balancer V2 vaults on networks like Sonic, Polygon, and Base. Consequently, Balancer's native BAL token depreciated by over 5%, reflecting dwindling investor confidence in the platform's security.
This incident adds to a history of security vulnerabilities for the protocol. Balancer previously fell victim to a DNS phishing attack, a nearly $1 million stablecoin exploit in 2023, and a $500,000 flash loan attack in 2020.
The protocol's core design, which consolidates all pool tokens into a single vault contract, is now under scrutiny. This architecture has made affiliated projects like Beets Finance vulnerable, which reported over $3 million in associated losses.
The exploiter has reportedly started consolidating the stolen assets, sparking fears of laundering via crypto mixers. Meanwhile, the Balancer team has yet to release an official statement addressing the catastrophic breach and its wide-ranging consequences.