DeFi Disaster: Hackers Steal $120 Million in ETH from Balancer Protocol in Massive Breach
Hackers have breached the DeFi protocol Balancer, stealing over $120 million worth of cryptocurrency. Analysts estimate that roughly $99 million of the stolen assets were in Ether (ETH). The incident, which occurred in the early hours of November 3, stands as one of the largest DeFi hacks in recent months.
The Balancer team confirmed the breach and announced that an investigation is underway. According to experts, the attack exploited a vulnerability in access control mechanisms, allowing the attackers to gain unauthorized control over parts of the protocol and siphon funds from multiple liquidity pools.
Upon discovering the breach, developers suspended all affected pools and initiated recovery mode. However, several crypto platforms associated with Balancer remained beyond its direct control and continued operating as normal. Company representatives emphasized that the project regularly undergoes independent security audits and has long maintained a bug bounty program. The team, together with legal counsel and external experts, is now working to determine the full scope of the incident and has warned users about fraudulent messages impersonating Balancer’s security team.
In the wake of the attack, several other participants in the DeFi ecosystem took emergency measures. The Berachain Foundation temporarily halted its network to prevent further losses and announced that part of the stolen assets had been frozen. Similar actions were taken by the Gnosis, Sonic, and Beefy projects. Although Balancer has experienced isolated security incidents in the past, it has never before suffered losses of this magnitude. Over the years, the project has undergone around ten audits by leading blockchain firms.
Just a week earlier, another DeFi project — Garden Finance — lost approximately $10.8 million in a similar exploit. According to Elliptic, cybercriminals have stolen more than $2 billion in cryptocurrency during the first nine months of 2025. A significant portion of these funds, international agencies report, may have been taken by hackers linked to the North Korean government, which has turned digital asset theft into one of the primary sources of funding for its missile program.
A joint report published by the governments of the United States, France, Germany, Japan, and other nations stated that between January and September 2025, Pyongyang obtained at least $1.65 billion in cryptocurrency through such attacks.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
