Balancer Suffers Suspected $70M Exploit, Staked Ether Tokens Drained to New Wallet
Balancer, a decentralized exchange and automated market maker (AMM) on the Ethereum blockchain, is facing a suspected exploit resulting in the transfer of approximately $70 million in digital assets to a newly created wallet. On-chain data indicates that the decentralized finance (DeFi) protocol experienced a significant outflow of funds involving liquid staked Ether tokens.
Blockchain security firm Cyvers estimated that suspicious transactions involving up to $84 million across multiple chains related to Balancer were involved. The incident, which occurred on November 3, 2025, marks the third major security breach for Balancer since 2020, raising concerns about the platform's security and the broader DeFi sector.
The transfers, detected through Etherscan logs, comprised 6,850 StakeWise Staked ETH (osETH), 6,590 Wrapped Ether (WETH), and 4,260 Lido wstETH. Crypto intelligence platform Nansen highlighted the movement of these assets to a fresh wallet in a post on Monday. The swiftness with which the transfers were executed suggests a sophisticated attacker with in-depth knowledge of Balancer's smart contracts, potentially exploiting vulnerabilities in how the platform manages swaps or pool balances.
As of press time, Balancer has not issued an official statement addressing the exploit. The lack of immediate communication from the Balancer team has fueled uncertainty and concern within the DeFi community. Blockchain analysts have cautioned users against interacting with Balancer pools until further information is available, warning of potential ongoing vulnerabilities.
The price of Balancer's native token (BAL) experienced an intraday drop of over 8%, reflecting investor unease and the sensitivity of market sentiment to security breaches.
This incident follows two prior security incidents involving Balancer. In September 2025, Balancer experienced a domain name system (DNS) attack on its front-end website, where hackers redirected users to a phishing site with malicious smart contracts designed to steal funds. This attack resulted in approximately $238,000 in stolen digital assets. Prior to that, in August 2025, Balancer faced a nearly $1 million stablecoin exploit, occurring a week after the protocol disclosed a critical vulnerability affecting certain liquidity pools.
The repeated security incidents underscore the ongoing challenges within the DeFi space and the critical need for robust security measures to safeguard user assets and maintain trust in decentralized platforms. As the situation develops, stakeholders and users are closely monitoring for updates to fully understand the extent and implications of this latest exploit.
