At approximately 3:48 PM Beijing time on November 3rd, an on-chain data monitoring platform suddenly detected an unusually large transaction on Balancer , the vault address of a long-established DeFi protocol.
Etherscan data shows that multi-chain assets, including 6,587 WETH (approximately $24.5 million), 6,851 osETH (approximately $26.9 million), and 4,260 wstETH (approximately $19.3 million), have been transferred to external wallets.
The Balancer team has not issued a statement, but multiple on-chain analysts suggest that this is more likely a potential exploit or unauthorized withdrawal than a routine liquidity migration.
Several blockchain analytics providers, including Nansen, have also flagged these transactions as suspicious.
According to monitoring by blockchain security firm PeckShield, the attacks continue to occur on multiple blockchain networks, including Ethereum.
As of approximately 4:48 PM Beijing time, the attacker's address (0x54B5…30d) completed another transaction by calling function 0x8a4f75d6, and Lookonchain confirmed that the total loss has exceeded $116 million.
Trading Strategy co-founder Mikko Ohtamaa pointed out that preliminary analysis indicates the vulnerability stems from a flaw in the smart contract checking mechanism. While not all Balancer versions are affected, the total losses could increase further if older V2 forks contain the same vulnerability.
This is not the first time Balancer has encountered a security issue.
Back in 2020, the protocol failed to account for the special behavior of tokens with "transfer fee deductions," which allowed attackers to manipulate pool assets through flash loan, resulting in a loss of approximately $500,000.
In August 2023, a vulnerability was discovered in Balancer V2's Boosted Pool. Despite official warnings, an attack still occurred, resulting in a loss of approximately $1 million.
In September of the same year, Balancer's front-end domain was hijacked by DNS, and users lost nearly $240,000 after signing transactions on phishing websites.
The latest attack has once again brought DeFi security issues to the forefront. From contract design to front-end deployment, from liquidity pool logic to cross-chain asset management, Balancer's security challenges seem never to have been truly resolved.
Moreover, Balancer is a liquidity hub protocol, so if it encounters problems, it's not just Balancer that's affected. LPs who are trapped, aggregators that rely on it, asset pools, strategy Vaults, and more will all be impacted.
The DeFi world emphasizes "trustlessness," but faced with repeated exploits, what can users truly trust? After five years of development, DeFi is no longer a niche game for geeks, but a financial infrastructure managing billions of dollars. Unfortunately, even leading protocols like Balancer cannot escape the fate of old problems persisting while new ones arise.
As of press time, Balancer has not yet issued an official response. Bitpush is continuously monitoring the situation and will provide updates as soon as they become available, so please stay tuned.
Twitter: https://twitter.com/BitpushNewsCN
BitPush Telegram Community Group: https://t.me/BitPushCommunity
Subscribe to Bitpush Telegram: https://t.me/bitpush
