Experts are questioning whether the latest hack shakes confidence in DeFi or is just part of the inherent risks as investors seek higher returns.
Veteran decentralized exchange (DEX) Balancer v2 suffered a major hack on Monday, losing more than $128 million and raising questions about whether users can trust even long-established and audited decentralized finance (DeFi) platforms.
On-chain data showed approximately $128 million in digital assets sent to the hacker’s wallet across multiple blockchains, including 6,587 WETH (~$24.5 million), 6,851 osETH (~$26.9 million), and 4,260 wstETH (~$19.3 million), according to PeckShield. This is the biggest Balancer hack to date.
The losses affected several networks, including Ethereum, Polygon, Base, Arbitrum, Optimism, Sonic and Berachain. Balancer’s native token BAL fell 11.1% to $0.87, according to CoinGecko. Meanwhile, the protocol’s total value locked (TVL) fell from $776 million to $406 million in the last 24 hours, according to DeFiLlama.
Experts are divided
While Monday’s Balancer exploit highlights that even established DeFi platforms remain vulnerable to attacks, experts are divided on whether the breach harmed overall trust in DeFi.
Harry Donnelly, founder and CEO of Circuit, called the Balancer breach a “serious wake-up call” for the DeFi ecosystem, noting that it was “one of the most trusted names in the industry” and “an early pioneer with a culture of compliance, supported by rigorous auditing and open disclosure.”
At the same time, he warned that the same transparency that contributed to Balancer’s success also exposed it to exploitation. “If DeFi is to truly challenge traditional finance, it must stay ahead of bad actors through proactive resilience and response, not just reactive patching and freezing of funds,” Donnelly said.
However, other industry experts have emphasized that risk is an integral part of DeFi investing and that trust will likely remain the same.
“Smart contracts and financial engineering are part of the risk profile of investing in DeFi. This is why smart contract audits are important,” said Vladislav Ginzburg, founder and CEO of OneSource. “I do not believe that the Balancer exploit represents a new paradigm and therefore should not change the trust or risk factors. The status quo is maintained.”
Kadan Stadelmann, CTO of Komodo Platform, echoed this sentiment, saying that hardcore DeFi users will not be deterred, but institutional investors might be. “These types of hacks in DeFi are what are driving institutional investors and alternative asset investors towards Bitcoin-only strategies,” he said.
Audits mean “almost nothing”
The incident also raised questions on social media about the reliability of audits in DeFi. Blockchain researcher Suhail Kakar shared in an article on X that Balancer v2 had gone through over 10 audits and was still exploited.
Specifically, Balancer v2 underwent several security audits by companies such as Certora, OpenZeppelin, and Trail of Bits between 2021 and 2023.
“This space needs to accept that ‘audited by X’ means almost nothing,” Kakar said. “Code is hard, DeFi is harder. It’s unfortunate, but I hope the team gets over it.”
Rapid intervention
Analysts say the hack stemmed from a flaw in Balancer v2’s smart contracts that allowed unauthorized withdrawals.
Nicolai Sondergaard, research analyst at Nansen, said in comments shared with The Defiant that the attacker could have “simulated a stack of fees on Balancer’s fee account, then hit the withdraw button and cash out WETH, essentially turning fake credits into real money.”
This is Balancer’s third known security breach, following incidents in 2021 and 2023. The exploit also prompted Berachain, which has a TVL of $404 million, to temporarily shut down its blockchain and execute an emergency hard fork to protect funds.
Berachain said it was monitoring the situation closely and that “the network will be operational shortly after recovering all affected funds.” Berachain’s BERA token fell 10% to $1.62 following the incident.
Meanwhile, other networks reacted differently. Polygon’s validators reportedly froze the hacker’s transactions, while Sonic added functionality to freeze and reset the attacker’s S balances, one of Dragonfly Capital’s managing partners pointed out on X.
Balancer response
Balancer acknowledged the incident in two articles on X, noting that its engineering and security teams are investigating. “We will share verified updates and next steps as soon as we have more information,” the team wrote.
The team confirmed that the exploit only affected its Composable Stable Pools v2 and did not impact Balancer v3 or other pools.
They further explained that because some pools had been online for several years, “many were outside the pause window.” However, they added that “all pools that could be paused have been paused and are now in recovery mode.”
The team also warned of fake messages circulating following the hack and urged users to only rely on official communications through Balancer’s X account and Discord server.
The Defiant reached out to Balancer for comment, but had not received a response by the time of publication.


