- Assets moved included StakeWise Staked Ether (OSETH), Wrapped Ether (WETH), and Lido wstETH (wSTETH).
- In September 2023, Balancer suffered a phishing attack and lost approximately $238,000.
- A separate August exploit resulted in the loss of nearly $1 million after a vulnerability was discovered in Balancer’s liquidity pool.
Balancer, one of Ethereum’s leading decentralized exchanges, has once again come under scrutiny due to suspected exploits involving approximately $70 million worth of digital assets.
The incident has reignited debate about the security of decentralized finance (DeFi), where transparency and automation often coexist with serious structural vulnerabilities.
It also shows how core DeFi features such as permissionless access, open source code, and composable smart contracts can quickly turn into liabilities when targeted by skilled attackers.
For Balancer, the breach reshapes risk perceptions across digital finance and adds to a growing record of cyber incidents that require stronger, more coordinated defenses across the DeFi ecosystem.
$70 million in Ethereum-linked assets were transferred to the new wallet.
Blockchain records on Etherscan show that $70.9 million in assets were moved from Balancer liquidity pools to newly created wallets in three transactions.
According to data from analytics firm Nansen, the assets transferred were 6,850 StakeWise Staked Ether (OSETH), 6,590 Wrapped Ether (WETH), and 4,260 Lido wstETH (wSTETH).
On-chain analysts began tracking the behavior of wallets and observed similarities with previous DeFi multiplier patterns.
Blockchain security company Cyvers reported that up to $84 million could be linked to Balancer in suspicious transactions across multiple chains.
The company is currently analyzing whether the transfer was orchestrated through a smart contract vulnerability or facilitated by an external attack exploiting inter-protocol liquidity flows.
Balancer attack history
In September 2023, the protocol’s website was compromised via Domain Name System (DNS) hijacking, which redirected users to a phishing interface.
According to blockchain researcher ZachXBT, the hackers executed a malicious smart contract designed to capture private keys and extract funds, resulting in a loss of approximately $238,000.
Just a month earlier, in August, Balancer reported a stablecoin attack that cost liquidity providers nearly $1 million.
The incident occurred shortly after the team disclosed a “critical vulnerability” affecting certain liquidity pools. Although this vulnerability has been partially mitigated, it is still exploitable in certain configurations.
The repetition of incidents within such a short period of time suggests that the open source nature of DeFi fosters innovation while providing attackers with an evolving blueprint to target protocol weaknesses.
These breaches demonstrate that security audits alone are not sufficient without continuous on-chain monitoring and real-time risk mitigation systems.
DeFi’s security paradox
The Balancer example illustrates the paradox at the heart of decentralized finance.
By eliminating intermediaries, the protocol achieves transparency and autonomy, but it also removes the possibility of intervention when funds are misappropriated.
Unlike centralized exchanges, which can freeze or revert transactions, DeFi protocols operate on immutable smart contracts.
Once exploited, the loss is permanent and generally irrecoverable.
This structural rigidity has drawn criticism from institutional investors who see these vulnerabilities as a barrier to large-scale adoption.
In response, some DeFi projects have introduced layered defenses such as decentralized insurance pools, advanced auditing frameworks, and formal verification of contract code.
However, these measures are inconsistent across the ecosystem.
Balancer’s recurring security issues could therefore serve as a case study in how liquidity incentives and composability can amplify systemic exposure.
As DeFi protocols become more interconnected through shared token standards and cross-chain bridges, one compromised smart contract can cause cascading financial risks across multiple platforms.
