Balancer pools exploited after last week’s vulnerability reveal

Balancer has removed the majority of funds from affected pools prior to exploit

article-image

New Africa/Shutterstock modified by Blockworks

share

DeFi liquidity protocol Balancer suffered an exploit following the discovery of a critical vulnerability in its v2 pools last week.

The Balancer team acknowledged Sunday that they are aware of the exploit and most funds in affected pools have been withdrawn. 

Meir Dolev, the chief technology officer of blockchain security company Cyvers.AI, noted in a post on X yesterday that the attacker had secured $900k from the exploit. 

Loading Tweet..

Following the vulnerability’s discovery, liquidity providers were asked to exit their positions through a proportional exit

Read more: ‘Critical vulnerability’ reported in Balancer v2 pools

An earlier Balancer post noted that over 99.7% of liquidity originally at risk is now safe and only 0.08% of the total value locked (TVL) remained at risk. 

Blockchain security company PeckShield questioned this figure in a Monday post, contending that their analysis indicates more than $2.1 million remains in affected v2 pools.

“The Balancer team has done a great job in alerting the community to remove liquidity from affected vaults, the original estimate of “only 0.08% of total TVL ($565,199) remains at risk” seems to be seriously mis-calculated,” PeckShield tweeted. 

Loading Tweet..

At the time of writing, Balancer’s native token (BAL) was trading at $3.51, a little below $3.6 prior to the discovery of the vulnerability.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Unlocked by Template (10).png

Research

Innovations on Aptos’ technical design through Raptr, Shardines, and Zaptos approach near-optimal latency and throughput by unlocking 100% utilization of network resources, with the capacity to settle 260k transactions per second with latencies less than 800ms. The original Move language was revamped with the launch of Move 2, supporting more expressivity in smart contract logic and a scalable ability to interact with high volume datasets. The ecosystem has benefitted from strong asset inflows, now hosting over $1.3B in stablecoins, $450M in bridged BTC, and $530M in RWAs. Activity in the Aptos ecosystem has grown notably over the past year, with monthly application revenue reaching ~$835k and monthly DEX volumes growing to over $5B, both at new all time highs.

article-image

The Stripe-acquired firm has big plans for a streamlined, multi-wallet future

article-image

Both founders of the former crypto lender have now landed in new crypto industry roles

article-image

Bitcoin’s recent peak is a victory lap for curvers left and right

article-image

Securitize CEO Carlos Domingo says institutions are eager to get exposure to tokenization

article-image

Trade isn’t war and prosperity isn’t a contest