Balancer Faces Major Exploit
Balancer, a decentralized exchange (DEX), is currently confronting a formidable challenge after suffering a significant exploit that resulted in losses exceeding $100 million. In a bid to resolve the situation amicably, the Balancer team has extended a public appeal to the perpetrator, encouraging them to return the misappropriated funds in exchange for a bounty, rather than engaging in a lengthy dispute.
Public Appeal to the Hacker
This unprecedented outreach was executed through an on-chain message, marking the first direct communication from Balancer to the hacker’s identified wallet. The decentralized autonomous organization (DAO) outlined its terms clearly: the attacker is given options to either return the stolen assets, claim a specified bounty, or risk facing both technical and legal repercussions, not to mention consequences tied to their on-chain activities.
Community Response and Transparency
On November 5, 2025, Balancer acknowledged the distress of its users, who are eagerly anticipating updates on the situation. A representation from Balancer expressed continued commitment to transparency during the ongoing investigation. Hitting their V2 Composable Stable Pools, the exploit drained assets including staked Ether, OSETH, WETH, and wstETH, which collectively amounted to around $116 million and were subsequently transferred to a new wallet to prevent further loss.
Security Concerns
The incident raises critical questions regarding the security audits previously conducted by four different firms on Balancer’s smart contracts, given that the exploit managed to penetrate the system despite these thorough evaluations. Hackers leveraged specific vulnerabilities, particularly using BatchSwaps associated with a rounding function linked to EXACT_OUT swaps, which persisted in both v2 Stable Pools and Composable Stable v5 Pools.
Analysis and Future Steps
In the aftermath of the attack, Balancer released an analysis detailing these exploits to address community concerns. Prior to the hack, the Balancer team had signaled a willingness to grant a reward of up to 20% of the stolen funds, equating to over $20 million, though no acceptance of this offer has been reported as of late.
Looking Ahead
As this scenario unfolds, Balancer aims to rectify the situation without inflicting additional damage, hoping to restore trust in the platform while enhancing its security protocols. The situation stands as one of the most significant cyberattacks in the cryptocurrency realm for the year, with the community watching closely in anticipation of the hacker’s response and the overall resolution of the crisis.
