One of Ethereum’s top decentralized finance (DeFi) platforms, Balancer, has suffered a significant hack, with losses estimated at over $120 million. The breach, which occurred early Thursday UK time, targeted Balancer V2 Composable Stable Pools, prompting the company to suspend operations on affected systems and begin a full investigation with leading security experts.
Balancer, known for its automated market maker (AMM) and portfolio management features, allows users to trade cryptocurrencies and earn returns by providing liquidity to “Balancer pools.” The firm confirmed that only specific V2 pools were compromised and that its V3 pools remain unaffected.
“Our team is working with leading security researchers to understand the issue and will share additional findings and a full post-mortem as soon as possible,” Balancer stated on X (formerly Twitter).
“Any pools that could be paused have been paused and are now in recovery mode.”
Technical Flaw Exploited by Hackers
Cybersecurity experts investigating the Balancer hack believe that the attackers exploited a rounding-down precision loss in Balancer’s Vault calculations — a flaw that affected how token prices were computed.
According to blockchain security firm GoPlus Security, the vulnerability was amplified by the batchSwap function, which allowed the attackers to manipulate token prices through carefully crafted parameters.
“Each calculation rounded down, impacting token prices. The batchSwap function magnified this vulnerability, enabling attackers to manipulate values at scale,” GoPlus explained.
This Balancer hack showcases the growing complexity of DeFi attacks, where even minor coding imprecisions can be weaponized. Experts note that such precision handling errors in smart contracts represent a recurring risk area in the crypto industry.
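To make the rounding issue described above concrete, the following added example (not Balancer's code, and not taken from the original article) models a simplified constant-product pool rather than Balancer's stable-pool math. It shows how a quote that rounds in the caller's favour erodes the pool invariant across a batch of swaps, and how a regression check on that invariant catches it. All function names and balances are constructed for illustration.

```python
from fractions import Fraction

def amount_in_given_out(bal_in, bal_out, amt_out, round_up):
    """Integer quote for a constant-product pool (x * y = k, no fee):
    how much the caller must pay in to take `amt_out` out."""
    num, den = bal_in * amt_out, bal_out - amt_out
    # Ceiling division favours the pool; floor division favours the caller.
    return -(-num // den) if round_up else num // den

def run_batch(bal_in, bal_out, steps, amt_out, round_up):
    """Apply `steps` sequential swaps in one batch; return final balances."""
    for _ in range(steps):
        bal_in += amount_in_given_out(bal_in, bal_out, amt_out, round_up)
        bal_out -= amt_out
    return bal_in, bal_out

def invariant_drift(bal_in, bal_out, steps, amt_out, round_up):
    """Exact relative change of k = x * y across the whole batch."""
    k0 = bal_in * bal_out
    x, y = run_batch(bal_in, bal_out, steps, amt_out, round_up)
    return Fraction(x * y - k0, k0)

def batch_preserves_invariant(bal_in, bal_out, steps, amt_out, round_up):
    """Regression check: a batch must never leave the pool with a smaller k."""
    return invariant_drift(bal_in, bal_out, steps, amt_out, round_up) >= 0

if __name__ == "__main__":
    # Constructed balances: same batch, two rounding directions.
    for up in (False, True):
        drift = invariant_drift(1000, 1000, 100, 1, up)
        ok = batch_preserves_invariant(1000, 1000, 100, 1, up)
        print("round up  " if up else "round down", float(drift), ok)
    # The same one-unit rounding error is relatively larger at small balances.
    print(invariant_drift(10, 10, 1, 1, False),
          invariant_drift(10**6, 10**6, 1, 1, False))
```

The one-unit error per step is the same at any scale, so its relative effect grows as balances shrink, which is why invariant checks of this kind are worth running at the extremes of the balance range and over multi-step batches, not only on single swaps.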
Users Warned of Phishing Scams
In the aftermath of the hack, Balancer issued a warning about phishing messages being circulated by malicious actors impersonating its security team. The firm urged users not to interact with suspicious links or communications claiming to assist with fund recovery.
“Fraudulent messages claiming to be from the Balancer Security Team are circulating,” the company posted. “These are not from us. Do not click unknown links or share information.”
The phishing campaign appears designed to exploit panic among affected users. According to the company, scammers are falsely offering a 20% “white-hat bounty” for returning stolen funds while alleging to possess data that could identify the attackers.
Such tactics are common after major cyber incidents, where secondary fraud attempts often follow large-scale breaches.
Broader Impact and Security Concerns
The Balancer hack comes at a time when crypto-related attacks are escalating globally. A mid-year analysis by Chainalysis reported that losses from cryptocurrency hacks in the first half of 2025 had already exceeded the total for 2024.
Despite extensive audits and bug bounty programs, Balancer’s defenses were breached, raising concerns about the resilience of even well-secured DeFi projects. The company confirmed that its platform had undergone multiple audits by top firms prior to the incident.
Security analysts suggest that the Balancer hack underscores a key issue facing decentralized finance — even thoroughly tested smart contracts can contain exploitable logic flaws that slip through traditional code reviews.
While Balancer works toward recovery, cybersecurity professionals are urging DeFi projects to adopt real-time vulnerability monitoring, layered verification, and continuous precision audits to detect such issues before exploitation.
The Balancer hack is a reminder that as DeFi protocols become more sophisticated, attackers are evolving just as rapidly. For investors and users, the event highlights the continued need for vigilance, secure wallet practices, and cautious interaction with decentralized platforms following any breach announcement.