Search
Choose a style
Dark
Light
Time to read: 4 min

Open source proves vital in $128m Balancer hack 

Hooded hacker with code background security concept.
Editorial credit: ozrimoz / Shutterstock.com

Crypto industry comes together yet again to salvage assets after Decentralised finance (DeFi) protocol Balancer was hacked. 

DeFi protocol Balancer was hacked on November 3, resulting in the loss of more than $100m in digital assets.

The company confirmed the incident on X, stating it was “aware of a potential exploit impacting Balancer v2 pools.”

Balancer V2 pools are smart-contract-based liquidity pools which allow users to deposit digital assets to facilitate automated trading and earn fees in return. 

Later in the day, Balancer said a recovery process had been initiated. However, because many of the affected pools have been live on-chain for several years, some were outside the window where transactions could be paused.

“Any pools that could be paused have been paused and are now in recovery mode. All other Balancer pools are unaffected. This issue is isolated to V2 Composable Stable Pools and does not impact Balancer V3 or other Balancer pools,” the company wrote.

According to blockchain security firm PeckShield, total losses had reached $128.64m at the time of publication. On-chain analyst EmberCN later reported liquid staking protocol StakeWise had managed to recover 5,041 osETH (approximately $19.3m) from the hacker via a contract call.

How the hack unfolded

The exploit reportedly ran for several hours before being detected.

Blockchain monitoring platform Cyvers Alerts said the attacker began laundering the stolen assets through Tornado Cash, a cryptocurrency mixer designed to obscure transaction trails. 

Blockchain analyst Lookonchain then later observed the hacker swapping large portions of the stolen funds into Ethereum.

A DeFi researcher on X detailed the attack as a series of sophisticated smart contract manipulations which took advantage of improper authorisation and callback handling within Balancer’s protocol. These flaws allowed the attacker to bypass safeguards and drain funds from the affected pools.

The hacker then consolidated assets into multiple wallets on the Ethereum mainnet before funnelling them through mixers to obscure their origin.

Industry response and collaboration

Hacks of this scale are becoming increasingly common across the crypto industry. Earlier this year, Bybit suffered what was described as the biggest attack on a crypto exchange, losing more than $1.4bn.

Bybit worked with multiple blockchain security firms to trace the attacker’s wallets and temporarily suspended its Safe function, a smart contract–based custody protocol. The company confirmed the feature itself had not been compromised and pledged to continually share updated attack data with partners to prevent further breaches.

Bybit also introduced a 10% bounty reward for those who successfully intercept or help recover stolen funds.

“I am energised by the incredible camaraderie on-chain and in real life. This can be a transformative moment for our industry if we get it right. Together, we can build a stronger defense system against cyber threats,” said Bybit CEO Ben Zhou

The same spirit of cooperation was seen again in the wake of the Balancer hack, with companies coming together to help recover funds. 

Simão Pinto, DeFi Lead at Balancer, wrote: “It’s a sad day for the industry and for everyone who’s worked tirelessly to build secure and transparent systems. We deeply appreciate the support from our partners, users, and the broader DeFi community as we work through this together.”

Among those who assisted in the recovery was Richard Meissner, Co-founder of Safe, an open-source smart contract wallet infrastructure used widely across DeFi projects. Safe provides programmable asset custody solutions for individuals and organisations and played a key role in StakeWise’s successful recovery of stolen funds.

Meissner used the moment to underline the importance of open-source collaboration in the blockchain ecosystem. 

He said: “Amazing to see how the ecosystem stands together in such times. I saw again why I believe in open standards. @safe being open source made it possible that tools are available to support in such situations. Thanks everyone and let’s keep building open source. We need more tools.”

Subscribe to our newsletter