$116M in Crypto Assets Gone – Balancer Suffers One of DeFi’s Largest Exploits

Over $116 million in crypto assets have been drained from Balancer Protocol, marking one of the most severe decentralized finance (DeFi) exploits of ￰2￱ approximately 9:12 AM on Monday, blockchain analytics firm Lookonchain first raised the alarm , reporting that Balancer had been exploited for $70.6 million in crypto ￰3￱ data revealed that the attacker siphoned off 6,587 WETH ($24.46 million), 6,851 osETH ($26.86 million), and 4,260 wstETH (~$19.27 million) across multiple ￰4￱ $116M DeFi Exploit Unfolds Within just thirty minutes, Lookonchain updated that the attack was still ongoing, with total stolen funds exceeding $116 ￰5￱ insane — the total stolen funds from the Balancer exploit have now surged to $116.6M. ￰0￱ ￰6￱ — Lookonchain (@lookonchain) November 3, 2025 The scale and precision of the exploit suggest a highly coordinated and technically sophisticated operation spanning several DeFi ￰7￱ of press time, on-chain data shows the hacker’s DeBank portfolio holding around $95 million, while roughly $21 million has been distributed to various wallets, likely an early move toward obfuscating and liquidating the stolen assets.) that had been dormant for three years but suddenly withdrew $6.5 million from Balancer ￰8￱ DeFi Protocols Respond Major Ethereum-based protocols have been quick to respond.

Lido, a leading liquid staking platform, confirmed that certain Balancer V2 pools were impacted but clarified that Lido’s core protocol and user funds remain ￰9￱ reported widely today, certain V2 Balancer pools have been ￰10￱ Lido Protocol remains unaffected, and all user funds are ￰11￱ of an abundance of caution, the Veda team – curators of Lido GGV – has withdrawn its unaffected Balancer ￰12￱ Lido Earn funds… — Lido (@LidoFinance) November 3, 2025 In an official statement, Lido noted: “Out of an abundance of caution, the Veda team — curators of Lido GGV — has withdrawn its unaffected Balancer position.” Meanwhile, Aave, another top DeFi lending protocol, emphasized that it remains completely ￰13￱ explained that its Aave/stETH stkBPT pool uses a custom version of Balancer V2 that operates independently of Balancer’s vulnerable components.

“The Aave protocol has no dependencies over Balancer V2 and is unaffected to the best of our knowledge,” the team ￰14￱ Root Cause and Ongoing Investigation Balancer developers have acknowledged the exploit but have not revealed the root cause or the extent of the loss. We’re aware of a potential exploit impacting Balancer v2 ￰15￱ engineering and security teams are investigating with high priority. We’ll share verified updates and next steps as soon as we have more information. — Balancer (@Balancer) November 3, 2025 However, early signs point to a complex cross-chain exploit vector that may have targeted the protocol’s unique liquidity architecture.

Moreover, today’s exploit is not the first time the Balancer protocol has faced attacks and drains from its ￰16￱ August 2023, the protocol suffered a $2 million drain associated with a code vulnerability, and then the following month, over $900,000 was drained again across its V2 ￰17￱ like the recent exploit, the vulnerable assets were spread across various networks, including Ethereum, Polygon, Arbitrum, Optimism, Avalanche, Gnosis, Fantom, and ￰18￱ DeFi Security Concerns Another noticeable concern about the recent crypto exploit is how it’s now spreading across every major chain aside from ￰19￱ September 8, Nemo Protocol, a decentralized finance (DeFi) yield platform operating on the Sui blockchain, fell victim to a cyberattack that resulted in $2.4 million in losses just ahead of its scheduled maintenance ￰20￱ Protocol loses $2.4M to hackers on Sui blockchain as TVL crashes 75% from $6.3M, marking the third major DeFi hack this month alone. #Sui #Nemo ￰1￱ — ￰21￱ (@cryptonews) September 8, 2025 On the same day, Swiss crypto platform SwissBorg lost $41.5 million worth of Solana (SOL) tokens after hackers compromised partner API provider Kiln.

Similarly, in May, Cryptonews reported that Cetus Protocol, a decentralized exchange built on the Sui blockchain, fell victim to an exploit that siphoned off more than $200 million in crypto assets. PeckShield’s latest report reveals that crypto hacks caused $127.06 million in losses in September 2025 alone, noting the continued risk of large-scale attacks on decentralized finance (DeFi) and blockchain ￰22￱ just the first half of 2025, crypto exploits reached $2.1 billion, nearly matching all of 2024’s total ￰23￱ Crypto Hacks Keep Happening When Cryptonews spoke with Mitchell Amador, founder and CEO of Immunefi, in August, he revealed that most crypto hacks happen for three major reasons, which are: Static audits: Enterprises rely on one-time checks, missing post-launch flaws in evolving smart ￰24￱ incentives: They underestimate Web3’s open-ledger attack appeal, needing bounties to outbid black ￰25￱ Web3 expertise: Many teams lack prior blockchain knowledge, missing composability or oracle risks.