Balancer V2 Composable Stable Pools Exploited in $120m DeFi Attack

First reported

04.11.2025 11:45

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

Balancer, a leading Ethereum-based decentralized finance (DeFi) protocol, experienced a cyber-attack on its Balancer V2 Composable Stable Pools, resulting in losses exceeding $120 million. The attack exploited a rounding down precision loss in the Balancer Vault’s calculations, allowing attackers to manipulate token prices. The incident highlights the vulnerability of DeFi protocols to sophisticated attacks despite extensive auditing and bug bounty programs. The attack occurred on November 3, 2025, and affected pools that were outside the pause window. Balancer has paused all affected pools and is working with security researchers to investigate the incident. The protocol has also warned users about a phishing campaign attempting to exploit the news of the attack.

Timeline

04.11.2025 11:45 1 articles · 6d ago

Balancer V2 Composable Stable Pools Exploited in $120m Attack
On November 3, 2025, Balancer's V2 Composable Stable Pools were targeted in a cyber-attack resulting in losses exceeding $120 million. The attack exploited a rounding down precision loss in the Balancer Vault’s calculations, allowing attackers to manipulate token prices. Balancer has paused all affected pools and is investigating the incident. A phishing campaign is exploiting the news of the attack to target Balancer users.
Show sources

DeFi Protocol Balancer Loses Over $120m in Cyber Heist — www.infosecurity-magazine.com — 04.11.2025 11:45
Open in new tab

Information Snippets

Balancer V2 Composable Stable Pools were targeted in the attack.
First reported: 04.11.2025 11:45

1 source, 1 article
Show sources
- DeFi Protocol Balancer Loses Over $120m in Cyber Heist — www.infosecurity-magazine.com — 04.11.2025 11:45
The attack exploited a rounding down precision loss in the Balancer Vault’s calculations.
First reported: 04.11.2025 11:45

1 source, 1 article
Show sources
- DeFi Protocol Balancer Loses Over $120m in Cyber Heist — www.infosecurity-magazine.com — 04.11.2025 11:45
The attack resulted in losses exceeding $120 million.
First reported: 04.11.2025 11:45

1 source, 1 article
Show sources
- DeFi Protocol Balancer Loses Over $120m in Cyber Heist — www.infosecurity-magazine.com — 04.11.2025 11:45
The attack occurred on November 3, 2025.
First reported: 04.11.2025 11:45

1 source, 1 article
Show sources
- DeFi Protocol Balancer Loses Over $120m in Cyber Heist — www.infosecurity-magazine.com — 04.11.2025 11:45
Balancer has paused all affected pools and is investigating the incident.
First reported: 04.11.2025 11:45

1 source, 1 article
Show sources
- DeFi Protocol Balancer Loses Over $120m in Cyber Heist — www.infosecurity-magazine.com — 04.11.2025 11:45
The attack did not affect Balancer V3 pools.
First reported: 04.11.2025 11:45

1 source, 1 article
Show sources
- DeFi Protocol Balancer Loses Over $120m in Cyber Heist — www.infosecurity-magazine.com — 04.11.2025 11:45
A phishing campaign is exploiting the news of the attack to target Balancer users.
First reported: 04.11.2025 11:45

1 source, 1 article
Show sources
- DeFi Protocol Balancer Loses Over $120m in Cyber Heist — www.infosecurity-magazine.com — 04.11.2025 11:45

Summary

Timeline

Balancer V2 Composable Stable Pools Exploited in $120m Attack

Information Snippets