- The assets moved include StakeWise Staked Ether (OSETH), Wrapped Ether (WETH) and Lido wstETH (wSTETH).
- In September 2023, Balancer suffered a phishing attack that resulted in a loss of approximately $238,000.
- A separate exploit in August cost nearly $1 million after a vulnerability was found in Balancer’s liquidity pools.
A suspected exploit involving nearly $70 million worth of digital assets has put Balancer, one of Ethereum’s leading decentralized exchanges, under renewed scrutiny.
The incident has reignited the debate over the security of decentralized finance (DeFi), where transparency and automation often coexist with deep structural vulnerabilities.
It also shows how core DeFi features such as permissionless access, open source code, and composable smart contracts can quickly turn into liabilities when attacked by skilled attackers.
For Balancer, the breach adds to a growing number of cyber incidents that are changing risk perceptions in the digital finance world and prompting calls for stronger, coordinated defenses across the DeFi ecosystem.
$70 million in Ether-linked assets transferred to new wallet
Blockchain records on Etherscan show that $70.9 million in assets were moved from Balancer liquidity pools to a newly created wallet via three transactions.
Facts from analytics firm Nansen identified the transferred assets as 6,850 StakeWise Staked Ether (OSETH), 6,590 Wrapped Ether (WETH) and 4,260 Lido wstETH (wSTETH).
On-chain analysts began monitoring the wallet’s behavior and observed similarities to previous DeFi drain patterns.
Blockchain security firm Cyvers reported that up to $84 million in suspicious transactions across multiple chains may be linked to Balancer.
The company is currently analyzing whether the transfers were coordinated by vulnerabilities in smart contracts or facilitated by a third-party exploit that leveraged liquidity flows between protocols.
History of attacks on Balancer
In September 2023the protocol’s website was hacked by a domain name system (DNS) hijack that redirected users to a phishing interface.
Hackers executed malicious smart contracts designed to obtain private keys and drain funds, resulting in losses of approximately $238,000, according to blockchain researcher ZachXBT.
Just a month earlier, in August, Balancer reported a stablecoin exploit that cost liquidity providers nearly $1 million.
That incident occurred shortly after the team disclosed a “critical vulnerability” affecting certain liquidity pools, which was partially patched but was still exploitable in specific configurations.
The recurrence of incidents within such a short time frame suggests that the open-source nature of DeFi, while encouraging innovation, also provides attackers with an evolving blueprint to address the protocol’s weaknesses.
These breaches demonstrate that security audits alone are insufficient without continuous monitoring along the chain and real-time risk mitigation systems.
The security paradox of DeFi
The Balancer case illustrates a paradox at the heart of decentralized finance.
By removing middlemen, protocols achieve transparency and autonomy, while also eliminating the possibility of intervention when funds are misappropriated.
Unlike centralized exchanges that can freeze or reverse transactions, DeFi protocols operate on immutable smart contracts.
Once exploited, losses are permanent and usually irreparable.
This structural rigidity has drawn criticism from institutional investors who view such vulnerabilities as barriers to large-scale adoption.
In response, some DeFi projects have introduced layered defenses such as decentralized insurance pools, advanced audit frameworks, and formal verification of contract codes.
However, these measures remain inconsistent across the ecosystem.
Balancer’s repeated security issues can therefore serve as a case study of how liquidity incentives and composability can increase systemic exposure.
As DeFi protocols become more interconnected through shared token standards and cross-chain bridges, a single compromised smart contract could lead to cascading financial risks across multiple platforms.
