Comprehensive Analysis of the $128 Million Balancer V2 DeFi Exploit: Attack Vectors, Impact, and Mitigation Steps
- Rescana

Executive Summary
On November 3, 2025, the Balancer decentralized finance (DeFi) protocol suffered a critical security breach resulting in the theft of over $128 million in digital assets from its V2 pools. The attack exploited vulnerabilities in the protocol’s smart contract logic, specifically targeting precision rounding errors and invariant manipulation within the Balancer V2 vaults. The incident affected deployments across multiple blockchains, including Ethereum, Base, Polygon, and Arbitrum, and also impacted several forks of the protocol. Despite undergoing multiple security audits by leading firms, the exploit was executed using sophisticated on-chain techniques involving malicious smart contracts and custom tokens. The attack remains under investigation, with the Balancer team collaborating with security researchers to determine the full scope and technical details. No official attribution has been made, but the scale and method of the attack are consistent with recent trends in DeFi-targeted cybercrime. This report provides a comprehensive technical analysis of the incident, assesses the quality of available evidence, and offers prioritized mitigation recommendations.
Technical Information
The Balancer protocol is a DeFi platform operating as an automated market maker and liquidity infrastructure layer on the Ethereum blockchain and other networks. It allows users to deposit assets into customizable pools, earn fees, and facilitate token swaps. The protocol’s V2 vaults aggregate tokens and manage trades between liquidity pools, governed by the BAL token.
The attack on November 3, 2025, targeted the V2 Composable Stable Pools of Balancer, resulting in the unauthorized outflow of approximately $128 million in assets. The exploit was executed through a combination of smart contract vulnerabilities:
The first vector involved a precision rounding error in the vault’s swap calculations. Each swap operation rounded down token amounts, creating small discrepancies. The attacker exploited this by chaining multiple swaps using the batchSwap function, compounding these rounding losses into significant price distortions and draining liquidity from the pools (BleepingComputer).
A second, likely concurrent vector was invariant manipulation. Invariants are mathematical rules that govern token swaps in liquidity pools. The attacker deployed malicious smart contracts and minted fake tokens to falsify the invariant inputs, manipulating the exchange rates and enabling swaps at highly favorable prices. This allowed the attacker to drain the pools by exchanging tokens at manipulated rates (DLNews).
There is also evidence suggesting improper authorization and callback handling. A maliciously deployed contract manipulated vault calls during pool initialization, bypassing protocol safeguards and enabling unauthorized swaps and balance manipulations across interconnected pools (BleepingComputer).
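To make the first vector concrete, here is an added toy example (constructed for this report, not Balancer's code): a constant-product pool in EVM-style integer arithmetic whose pool-side reserve is rounded either up (pool-favoured) or down (the defect), plus the post-swap invariant check that a hardened vault would use to revert any swap, or any step of a chained batch swap, that lowers the invariant. The reserve sizes and swap amounts are assumed values.

```python
# Constructed toy pool, not Balancer's code: a constant-product AMM (x*y = k) in
# EVM-style integer arithmetic. It shows why pool math must round in the pool's
# favour and how a post-swap invariant check catches the opposite rounding.

def ceil_div(a: int, b: int) -> int:
    """Integer division rounded up."""
    return -(-a // b)

class InvariantViolation(Exception): pass  # a revert, in contract terms

class ToyPool:
    def __init__(self, x: int, y: int, pool_favoured: bool, check_invariant: bool):
        self.x, self.y = x, y          # reserves; assumed values in the demos below
        self.pool_favoured = pool_favoured
        self.check_invariant = check_invariant

    def invariant(self) -> int:
        return self.x * self.y

    def swap_x_for_y(self, dx: int) -> int:
        """Sell dx of X for Y; returns the Y amount paid out."""
        k_before = self.invariant()
        new_x = self.x + dx
        # Pool-favoured: the new Y reserve is rounded UP, so the trader gets a little
        # less. The defect: rounding DOWN hands the rounding residue to the trader on
        # every swap, so chaining many small swaps slowly bleeds the pool.
        new_y = ceil_div(k_before, new_x) if self.pool_favoured else k_before // new_x
        if self.check_invariant and new_x * new_y < k_before:
            raise InvariantViolation("swap would decrease the pool invariant")
        dy = self.y - new_y
        self.x, self.y = new_x, new_y
        return dy

def batch_swap(pool: ToyPool, amounts) -> int:
    """Chain several swaps in one call, like a batchSwap; returns total Y paid out."""
    return sum(pool.swap_x_for_y(a) for a in amounts)

def guard_rejects(pool_favoured: bool, dx: int) -> bool:
    """True if the post-swap invariant check reverts the very first swap."""
    pool = ToyPool(1_000_000, 1_000_000, pool_favoured, check_invariant=True)
    try:
        pool.swap_x_for_y(dx)
    except InvariantViolation:
        return True
    return False
```

With equal reserves of 1,000,000 and a swap of 7, the rounded-down variant pays 7 and leaves x*y below its starting value, while the rounded-up variant pays 6 and keeps the invariant at or above it; the guard rejects the former and accepts the latter.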
Onchain data from Etherscan revealed large, unusual transfers from the Balancer “0xBA1...BF2C8” address to an external wallet. The outflows included 6,587 WETH (worth $24.5 million), 6,851 osETH ($26.9 million), and 4,260 wstETH ($19.3 million), among other assets (TradingView/The Block). Blockchain analytics firms, including Nansen and PeckShield, flagged these transactions as suspicious and indicative of an ongoing exploit campaign.
The attacker’s address continued to spawn new contracts and mint custom tokens after the initial theft, suggesting an expanding campaign rather than a single, isolated incident. The exploit affected not only the main Balancer protocol but also at least 27 forks across multiple blockchains, including Beets on the Sonic Chain and Beethoven on the Optimism blockchain (DLNews).
Despite the protocol’s history of 11 security audits by firms such as OpenZeppelin, Trail of Bits, Certora, and ABDK, the vulnerabilities remained undetected or unmitigated. The attack demonstrates the limitations of current audit practices in identifying complex, composable smart contract flaws.
The technical attack chain can be mapped to the following MITRE ATT&CK and AADAPT™ techniques:
Exploit Smart Contract Implementation (AADAPT™ ADT3012): Exploiting vulnerabilities in smart contract code to manipulate transactions and steal funds (MITRE AADAPT™ ADT3012).
T1588.006 – Obtain Capabilities: Vulnerabilities: Identifying and exploiting vulnerabilities in deployed smart contracts (MITRE ATT&CK T1588.006).
T1609 – Container Administration Command: Deploying and executing malicious smart contracts in blockchain environments (MITRE ATT&CK T1609).
T1496 – Resource Hijacking: Draining liquidity pools and stealing assets from DeFi protocols (MITRE ATT&CK T1496).
The attack chain involved reconnaissance to identify vulnerable contracts and forks, weaponization through the development of malicious contracts and fake tokens, initial access and execution by deploying these contracts, exploitation of rounding errors and invariants, and finally, the transfer of stolen assets to attacker-controlled wallets.
No traditional malware was identified; the entire attack was conducted on-chain using smart contract exploits. The technical evidence supporting these conclusions is of high quality, based on direct onchain analysis and corroborated by multiple independent security firms.
Affected Versions & Timeline
The exploit specifically targeted the Balancer V2 pools, with the V2 Composable Stable Pools confirmed as affected. Other pools, including Balancer V3, were not impacted according to official statements (BleepingComputer). The attack also affected several forks of Balancer on different blockchains, including Beets and Beethoven.
The incident began at approximately 7:48 AM UTC on November 3, 2025, when the exploit was first detected. The heaviest impact was observed on the Ethereum deployment, with $100 million drained from the protocol’s coffers. The attack continued across other blockchains, with the attacker’s address spawning new contracts and minting custom tokens throughout the day (DLNews).
Onchain data and blockchain analytics flagged the suspicious transactions in real time, and the Balancer team acknowledged the incident on social media, stating that their engineering and security units were investigating with high priority (TradingView/The Block). As of the report date, a full post-mortem and detailed technical disclosure from Balancer are pending.
Threat Activity
The threat actor demonstrated a high level of sophistication, leveraging advanced knowledge of smart contract logic and DeFi protocol mechanics. The attack was multi-pronged, exploiting both mathematical and authorization flaws in the Balancer V2 codebase.
The attacker’s use of custom smart contracts and fake tokens to manipulate invariants and rounding errors is consistent with recent trends in DeFi-targeted cybercrime. The campaign’s expansion to multiple blockchains and protocol forks indicates a deliberate effort to maximize impact by targeting codebase reuse and shared vulnerabilities.
While no direct attribution has been made, the scale and method of the attack are similar to previous incidents linked to North Korean advanced persistent threat (APT) groups, such as the Lazarus Group. In 2025 alone, over $2 billion in cryptocurrency thefts have been attributed to North Korean actors, with the largest being the Bybit attack in February ($1.5 billion) (BleepingComputer). However, there are currently no unique technical indicators—such as reused contract code, wallet clustering, or infrastructure—that directly link this attack to a specific threat actor. Attribution remains circumstantial and based on sector targeting and historical patterns.
The attack also triggered opportunistic phishing attempts, with at least one party impersonating Balancer to offer a fake “white-hat bounty” to the attacker, attempting to recover funds through social engineering (BleepingComputer). This secondary activity underscores the heightened risk of further scams and social engineering in the aftermath of high-profile DeFi incidents.
Mitigation & Workarounds
The following recommendations are prioritized by severity:
Critical: Immediately suspend all interactions with Balancer V2 pools and any known affected forks until official patches or mitigations are released. Users and integrators should withdraw funds from vulnerable pools where possible, as the attacker’s address remains active and the exploit campaign may continue (DLNews).
High: Conduct a comprehensive review of all smart contract codebases derived from or forking Balancer V2, focusing on swap logic, invariant calculations, and authorization/callback mechanisms. Engage independent security researchers to perform targeted audits for similar vulnerabilities.
High: Monitor onchain activity for suspicious contract deployments, token minting, and large, unusual transfers from protocol vaults. Use blockchain analytics tools to flag and respond to potential exploit attempts in real time.
Medium: Educate users and stakeholders about ongoing phishing and social engineering risks. Warn against responding to unsolicited messages offering bounties or fund recovery, and verify all communications through official channels.
Medium: Review and update incident response plans for DeFi protocols, ensuring rapid detection, communication, and containment procedures are in place for smart contract exploits.
Low: Advocate for sector-wide improvements in smart contract audit methodologies, including formal verification and adversarial testing of composable DeFi protocols.
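As an added illustration of the monitoring recommendation above (constructed here, not Balancer's or any analytics vendor's tooling): a small detector run over constructed transfer events that raises an alert when one recipient receives large outflows in several tokens from a vault within a few blocks. The addresses are placeholders, and the three USD amounts reuse the outflow figures quoted earlier in this report.

```python
# Constructed detection example, not Balancer's or any analytics vendor's tooling:
# flag a vault address that sends large outflows, in several tokens, to a single
# external recipient within a short block window.
from collections import defaultdict

# Hypothetical addresses; the report only gives the vault address in elided form.
VAULT = "0xVAULT_PLACEHOLDER"
RECIPIENT = "0xRECIPIENT_PLACEHOLDER"
LP = "0xLP_PLACEHOLDER"

# Constructed transfer events; the three large USD figures are the outflows quoted above.
SAMPLE_EVENTS = [
    {"block": 100, "token": "WETH", "src": VAULT, "dst": LP, "usd": 50_000},
    {"block": 101, "token": "WETH", "src": VAULT, "dst": RECIPIENT, "usd": 24_500_000},
    {"block": 101, "token": "osETH", "src": VAULT, "dst": RECIPIENT, "usd": 26_900_000},
    {"block": 102, "token": "wstETH", "src": VAULT, "dst": RECIPIENT, "usd": 19_300_000},
    {"block": 103, "token": "USDC", "src": LP, "dst": VAULT, "usd": 10_000},
]

def flag_vault_outflows(events, vault, window_blocks=5, usd_threshold=1_000_000, min_tokens=2):
    """Return {recipient: alert} for recipients that receive at least usd_threshold
    from `vault` in at least min_tokens distinct tokens within window_blocks blocks."""
    by_dst = defaultdict(list)
    for e in events:
        if e["src"] == vault:              # outflows only; deposits into the vault are ignored
            by_dst[e["dst"]].append(e)
    alerts = {}
    for dst, evs in by_dst.items():
        evs.sort(key=lambda e: e["block"])
        for i, start in enumerate(evs):    # sliding window anchored at each outflow
            window = [e for e in evs[i:] if e["block"] - start["block"] < window_blocks]
            usd = sum(e["usd"] for e in window)
            tokens = sorted({e["token"] for e in window})
            if usd >= usd_threshold and len(tokens) >= min_tokens:
                alerts[dst] = {"usd": usd, "tokens": tokens, "first_block": start["block"]}
                break
    return alerts

if __name__ == "__main__":
    for dst, a in flag_vault_outflows(SAMPLE_EVENTS, VAULT).items():
        print(f"ALERT {dst}: ${a['usd']:,} in {a['tokens']} from block {a['first_block']}")
```

In practice the events would come from a node or indexer's Transfer logs and the USD values from a price feed; the window and threshold should be tuned to the vault's normal outflow profile.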
References
BleepingComputer, "Hacker steals over $120 million from Balancer DeFi crypto protocol," Nov 3, 2025: https://www.bleepingcomputer.com/news/cryptocurrency/hacker-steals-over-120-million-from-balancer-defi-crypto-protocol/
DLNews, "Balancer suffers $128m smart contract exploit despite multiple audits," Nov 3, 2025: https://www.dlnews.com/articles/defi/balancer-suffers-128m-exploit-despite-multiple-audits/
TradingView/The Block, "DeFi protocol Balancer potentially exploited as onchain data shows millions in outflows," Nov 3, 2025: https://www.tradingview.com/news/the_block:a3f50d25d094b:0-defi-protocol-balancer-potentially-exploited-as-onchain-data-shows-millions-in-outflows/
MITRE AADAPT™ ADT3012, "Exploit Smart Contract Implementation": https://aadapt.mitre.org/techniques/ADT3012/
MITRE ATT&CK, T1588.006: https://attack.mitre.org/techniques/T1588/006/
MITRE ATT&CK, T1609: https://attack.mitre.org/techniques/T1609/
MITRE ATT&CK, T1496: https://attack.mitre.org/techniques/T1496/
About Rescana
Rescana provides a third-party risk management (TPRM) platform designed to help organizations identify, assess, and monitor risks in their digital supply chain, including exposure to vulnerabilities in smart contracts and DeFi protocols. Our platform enables continuous monitoring of vendor and protocol security posture, supports rapid incident response, and integrates with blockchain analytics for real-time threat detection. For questions or further information, contact us at ops@rescana.com.