100 million defi breach

Hackers ripped through Balancer’s smart contract defenses Wednesday, draining a staggering $116 million in digital assets from one of DeFi’s largest liquidity protocols. The attack, which began around 9:18 UTC on November 3, 2025, quickly escalated from initial estimates of $70 million as the exploit spread like wildfire across multiple blockchain networks. So much for security audits.

Another day, another DeFi collapse as hackers ransack Balancer for a cool $116 million across multiple networks.

The thieves made off with a crypto shopping spree: 6,587 WETH worth $24.5 million, 6,851 osETH valued at $26.9 million, and 4,260 wstETH at approximately $19.3 million. The damage wasn’t limited to Ethereum either. The hackers methodically drained funds across six networks, including Arbitrum ($8M), Base ($3.95M), and Sonic ($3.4M).

Technical analysis revealed the culprit: a critical vulnerability in Balancer’s V2 vault, specifically in the “manageUserBalance” function. The vulnerability stemmed from improper authorization checks during pool initialization. The flaw fundamentally gave attackers VIP access to everyone’s crypto. No private keys were compromised—just good old-fashioned smart contract bugs doing what they do best: losing people money.

Balancer, which held around $750 million in total value locked before the attack, saw its native BAL token tumble 5-10% as news spread. The protocol’s team acknowledged the breach and promised to investigate. Fat lot of good that does now. Investors would have been better protected had they employed tiered stop-loss orders to limit their exposure to the plummeting BAL token.

What makes this exploit particularly nasty is how it leveraged Balancer’s interconnected design against itself. The attackers used malicious contracts to bypass normal permission checks, manipulating the vault with unauthorized withdrawals via UserBalanceOpKind.WITHDRAW_INTERNAL. Fancy technical term for “we’re taking your money.”

The stolen funds were quickly shuffled into fresh wallets, likely prepping for a money-laundering tour through crypto mixers and bridges. This marks November’s first major DeFi hack, following an October that saw $88 million pilfered from various protocols. CEO Mikko Otamaa has suggested that a bug in validation logic was responsible for the vulnerability.

The crypto world’s security woes continue, and trust in composable DeFi takes another hit. Shocking absolutely no one.
