ZachXBT Warns of New EVM Chains Security Risk: Cause Still Unknown
Share
Key Takeaways
The Ethereum-based DeFi protocol Balancer was exploited on November 3, resulting in losses exceeding $70 million.
Attackers drained multiple liquidity pools and moved funds into a single new wallet within minutes.
This marks Balancer’s third major breach since 2020, raising renewed questions about DeFi security.
The decentralized finance (DeFi) protocol Balancer, one of Ethereum’s most established automated market makers (AMMs), suffered a major exploit on November 3, resulting in losses of nearly $116.9 million.
Another Blow to DeFi Security: What Happened?
On-chain data shows that multiple Balancer liquidity v2 pools were drained in rapid succession, with the stolen tokens quickly transferred to a newly created wallet controlled by the attacker.
The root cause was a faulty access control check in Balancer V2’s manageUserBalance function, specifically in _validateUserBalanceOp.
This allowed the attacker to:
Supply a malicious op.sender parameter, bypassing permission checks.
Trigger unauthorized internal balance withdrawals from vaults without proper authorization.
The vulnerability affected older V2 forks, potentially exposing more than $60 million in downstream protocols.
The attack likely involved flash loans or scripted transactions to amplify drains across chains. Balancer’s team confirmed the issue impacts V2 pools and is investigating, urging users to revoke approvals and avoid interactions.
Total Assets Lost: $117 Million
According to blockchain trackers, the drained assets had reached $116.9 million by the time of writing.
Balancer hack stolen assets. Source: Lookonchain
The swift execution of the transfers suggests the attacker had a deep understanding of Balancer’s smart contracts, potentially exploiting a flaw in how the platform handles swaps or manages pool balances.
Balancer did not immediately respond to a request for comment.
Balancer Reacts, Community on Edge
Hours after the hack, Balancer’s team acknowledged the exploit and said they are actively monitoring the issue. They also assured the community that they would provide timely updates.
Blockchain analysts have advised users to refrain from interacting with Balancer pools until more information is released, warning that additional vulnerabilities may still be present.
This is not Balancer’s first encounter with hackers. In fact, the platform has now suffered three major security incidents in five years — an unsettling record for one of DeFi’s longest-running protocols.
In 2023, another vulnerability in its “boosted pools” led to $900,000 in losses despite prior security warnings.
The latest $117 million attack dwarfs those previous incidents, making it Balancer’s most severe exploit to date and one of the largest DeFi hacks of 2025.
Early evidence indicates a smart contract vulnerability that enabled the attacker to manipulate swaps or imbalances across multiple pools — a recurring weakness in complex AMM protocols.
At the time of writing, no funds had been recovered, and the attacker’s wallet remains active on Ethereum.
Prashant Jha is a seasoned crypto journalist based in Delhi, India, with a Bachelor’s Degree in Computer Science Engineering. Passionate about the evolving world of blockchain and cryptocurrencies, he has been a dedicated voice in the industry since 2018. Prashant’s expertise lies in regulatory reporting, where he unravels complex legal and financial developments with clarity and precision. Before joining CCN in 2024, he honed his craft at Cointelegraph, establishing himself as a trusted name in crypto journalism.
His coverage spans major industry events, including the high-profile collapses of FTX, Three Arrows Capital (3AC), and LUNA, offering readers insightful analyses of their regulatory and market implications. Prashant’s technical background enables him to bridge the gap between intricate blockchain technology and its real-world applications, making his work accessible to novices and experts.
Beyond his professional pursuits, Prashant is an avid music enthusiast, often exploring diverse genres to unwind. A sports lover, he has a particular passion for cricket and frequently engages in discussions about the game. His multifaceted interests and sharp journalistic instincts make him a valuable contributor to CCN, where he continues shaping the crypto landscape's narrative.
