Incident Overview
In a recent incident involving Balancer, crucial quick actions from security partners, ethical hackers, and blockchain organizations have successfully safeguarded or recovered a considerable amount of funds following a security breach. This incident serves as a stark reminder of the vulnerabilities and resilience present in the realm of decentralized finance (DeFi), providing valuable insights for both seasoned investors and newcomers in the sector.
Details of the Exploit
The exploit was traced back to a rounding error during the “exact out” swap procedure, a mechanism that lets users specify the amount of tokens they wish to receive, with the system determining the necessary input amount. Due to an underestimation caused by this miscalculation, malicious actors were able to withdraw funds without compensating for them correctly. The exploit relied on three factors: the rounding error itself, unreliable rate providers, and low liquidity levels. Notably, only the Composable Stable Pools on V2 exhibited these conditions, leaving other variants, including V3, unaffected by the attack.
Response and Recovery Efforts
On November 18, 2025, a comprehensive analysis of the exploit was published, outlining the situation, responses, and future recovery endeavors. Balancer affirmed its ongoing commitment to restoring lost assets and introduced pathways for compensation. The initial stages of the breach involved attackers utilizing an “exitSwap” function to exploit the low liquidity situation, which led to a sequential series of swaps that eroded the value of the pool’s tokens, facilitating the extraction of considerable sums. Unlike conventional heists, the compromised assets lingered internally before being withdrawn, which afforded security teams essential time to intervene.
Individuals who had assets on BEX during the exploit are advised to verify their asset status. Fortunately, most stablecoin funds impacted on BEX have been reclaimed, and while over 90% of ETH has been recovered, only about 40% of the BERA funds have been retrieved.
Collaborative Efforts and Future Security
Demonstrating effective response strategies, Crypto.com and Ether.fi managed to withdraw their assets amid the crisis, thereby reducing their potential losses. Furthermore, under the SEAL Safe Harbor Agreement, ethical hackers successfully recovered $4.6 million across various networks. Collaborative efforts spanning Ethereum, Polygon, Arbitrum, Base, and Optimism resulted in the protection of around $45.7 million worth of funds, with more than $20 million of the stolen assets having been salvaged by ethical hackers, underscoring their crucial role in safeguarding the DeFi landscape.
Post-incident analysis has highlighted the critical need for ongoing security checks and the significance of robust partnerships within the ecosystem. Balancer’s V3 structure features enhanced rounding controls and streamlined calculations, effectively averting similar vulnerabilities encountered in previous iterations. Recent developments suggest a trend towards implementing multi-layered defense mechanisms and proactive initiatives for the protection of user assets across various protocols.
Advice for Users
Patrick Collins, co-founder of Cyfrin Audits, remarked on the recent exploit and cautioned against relying on questionable analyses from less-informed sources, advising users to be discerning about information circulated by self-proclaimed authorities.
Balancer encourages liquidity providers to stay vigilant and proactive, urging users to transition from V2 stable pools to the more secure V3 framework. The company has committed to redistributing reclaimed funds to affected users proportional to their losses and continues to work relentlessly with legal and technical teams to recover additional assets.
It’s vital for users to approach investments in cryptocurrencies with caution, as these high-risk assets require careful research and due diligence. Anyone considering engagement in such markets should be mindful of their personal risk tolerance and make informed decisions based on comprehensive information.
