The assets moved included StakeWise Staked Ether (OSETH), Wrapped Ether (WETH), and Lido wstETH (wSTETH). In September 2023, Balancer suffered a phishing attack that resulted in approximately $238,000 in losses. In another exploit in August, a vulnerability was discovered in Balancer’s liquidity pool, resulting in nearly $1 million being leaked.
Balancer, one of Ethereum’s main decentralized exchanges, is once again under intense scrutiny due to an alleged exploit involving approximately $70 million worth of digital assets.
The incident has reignited the debate over the security of decentralized finance (DeFi), where transparency and automation often coexist with deep structural vulnerabilities.
It also shows how core features of DeFi, such as unauthorized access, open source code, and configurable smart contracts, can quickly turn into a liability when targeted by a skilled attacker.
For balancers, this breach joins a growing record of cyber incidents that are reshaping risk perceptions across digital finance and prompting calls for stronger, more coordinated defenses across the DeFi ecosystem.
$70 million in Ether-related assets transferred to new wallet
blockchain record Etherscan shows that $70.9 million in assets were moved from the balancer’s liquidity pool to the newly created wallet. 3 deals.
According to data from analytics firm Nansen, the assets transferred were 6,850 StakeWise Staked Ether (OSETH), 6,590 Wrapped Ether (WETH), and 4,260 Lido wstETH (wSTETH).
On-chain analysts began tracking the wallet’s behavior and observed similarities with previous DeFi outflow patterns.
Blockchain security firm Cybers reported that up to $84 million in suspicious transactions across multiple chains may be linked to Balancer.
The company is currently analyzing whether the transfers were orchestrated through vulnerabilities in smart contracts or facilitated by external exploits that took advantage of liquidity flows between protocols.
History of attacks on balancers
In September 2023, the protocol’s website was compromised by a Domain Name System (DNS) hijack that redirected users to a phishing interface.
According to blockchain researcher ZachXBT, the hackers executed a malicious smart contract designed to obtain private keys and exfiltrate funds, resulting in approximately $238,000 in losses.
Just one month ago, in August, Balancer reported a stablecoin abuse that cost liquidity providers nearly $1 million.
The incident occurred shortly after the team revealed a “critical vulnerability” impacting certain liquidity pools. Although this vulnerability has been partially mitigated, it was still exploitable in certain configurations.
The recurrence of incidents in such a short period of time suggests that the open source nature of DeFi fosters innovation while providing attackers with an evolving blueprint for targeting weaknesses in protocols.
These breaches demonstrate that security audits alone are insufficient without continuous on-chain monitoring and real-time risk mitigation systems.
DeFi security paradox
The Balancer case illustrates the contradiction at the heart of decentralized finance.
By eliminating intermediaries, the protocol enables transparency and autonomy, while also eliminating the possibility of intervention in case funds are misappropriated.
Unlike centralized exchanges, where transactions can be frozen or canceled, DeFi protocols operate based on immutable smart contracts.
Once exploited, losses are permanent and usually cannot be recovered.
This structural rigidity has drawn criticism from institutional investors who see such vulnerabilities as a barrier to large-scale adoption.
In response, some DeFi projects have introduced layers of defense such as decentralized insurance pools, advanced auditing frameworks, and formal verification of contract code.
However, these measures remain inconsistent across the ecosystem.
Balancer’s repeated security problems may therefore serve as a case study on how liquidity incentives and configurability can amplify overall exposure.
As DeFi protocols become more interconnected through shared token standards and cross-chain bridges, a breach of a single smart contract can create cascading financial risks across multiple platforms.
