Crypto Heist: Balancers Lost $128 Million in 2025’s Biggest Cyber Attack

Jakarta, Pintu News – Recently, hackers have stolen more than $120 million in digital assets in a single attack on Balancer, one of the leading Ethereum (ETH)-based DeFi (decentralized finance) platforms. According to reports, this attack became one of the biggest crypto hacks in 2025.

Big Hack, Hackers Steal Over $120 Million from Balancer

Balancer, which allows users to trade and benefit from crypto liquidity pools, confirmed the breach on Monday morning. They said that its V2 pool had been exploited.

Read also: Whale Crypto Releases 1 Billion DOGE: Dogecoin Continues to Struggle Below $0.17 Resistance

The incident was first detected at around 07:48 UTC, and although the Balancer team says the issue has been brought under control, the recorded losses have surpassed $128 million according to blockchain analysis firms.

“This issue only occurs in V2 Composable Stable Pools and does not affect Balancer V3 or any other Balancer pools. We are working closely with security and legal teams to ensure user safety, and are conducting a prompt and thorough investigation,” Balancer wrote in a statement on X (formerly Twitter).

“Our team of engineers and security specialists are making this investigation a top priority. We will share official information and next steps as soon as additional data becomes available,” the statement continued.

What Happened? Technical Details of the Attack on the Balancer

Cybersecurity experts believe that this attack took advantage of a loophole in the Balancer vault core system – the main smart contract that manages user balances and the token exchange process.

According to blockchain security firm GoPlus, the loophole most likely stems from a rounding error in the swap calculation. This loophole allows perpetrators to repeatedly siphon off small amounts of funds-through “batchSwap” operations-which can then be manipulated to distort prices and gradually but significantly drain funds from the pool.

However, cybersecurity researcher Aditya Bajaj provides a different analysis. He suspects that the root of the problem stems from improper handling of authorizations and callbacks in Balancer’s V2 vault.

Bajaj explained that the perpetrators used a malicious smart contract that was leveraged to disrupt the vault call process during pool initialization. This allowed them to bypass security checks and perform unauthorized swaps across interconnected pools.

As of now, Balancer has not confirmed the version submitted by Bajaj, but they promise to share the full report and details of the technical investigation as soon as possible.

Before the attack, Balancer managed over $775 million in total assets according to data from DeFiLlama. After this exploit, Balancer’s native token, BAL, plummeted by more than 11%.

Fraudsters Add to the Chaos

Amidst the chaos that followed the hack, scammers took advantage of the situation by creating fake accounts posing as Balancer. They tried to trick the public by offering a fake “white-hat bounty” – a 20% reward to hackers for returning the remaining stolen funds.

Read also: Is Solana at Risk? Analysts Warn of Potential 30% Drop Below $100

The fraudulent message mimicked Balancer’s communication style and official look, and even included a threat of legal action if the hacker refused the offer. However, it was later revealed that it was a phishing scheme aimed at tricking users into sending funds or leaking their wallet details.

The Balancer has issued an official warning to the public to ignore all messages that do not come from the official account, and emphasized that all legitimate updates will only be announced through their official X (Twitter) account and Discord server.

What’s Next?

While the investigation is still ongoing, the Balancer hack incident shows how vulnerable decentralized finance (DeFi) platforms are to attacks, as well as the increasingly sophisticated tactics used by cybercriminals.

This event highlights the importance of implementing stricter on-chain authorization checks and real-time monitoring of smart contracts. Until Balancer releases a full post-mortem report, the crypto community can only wait – and continue to monitor vigilantly.

That’s the latest information about crypto. Follow us on Google News to get the latest crypto news about crypto projects and blockchain technology. Also, learn crypto from scratch with complete discussion through Pintu Academy and stay up-to-date with the latest crypto market such as bitcoin price today, xrp coin price today, dogecoin and other crypto asset prices through Pintu Market.

Enjoy an easy and secure crypto trading experience by downloading Pintu crypto app via Google Play Store or App Store now. Also, get a web trading experience with various advanced trading tools such as pro charting, various types of order types, and portfolio tracker only at Pintu Pro.

*Disclaimer

This content aims to enrich readers’ information. Pintu collects this information from various relevant sources and is not influenced by outside parties. Note that an asset’s past performance does not determine its projected future performance. Crypto trading activities have high risk and volatility, always do your own research and use cold cash before investing. All activities of buying and selling bitcoin and other crypto asset investments are the responsibility of the reader.

Reference:

• PYMNTS. Crypto Protocol Balancer Hit by $128 Million Hack. Accessed on November 6, 2025
• Techworm. Hackers steal $128 million in Balancer crypto heist. Accessed on November 6, 2025