5 Years, 6 Incidents, Over a Hundred Million in Losses: The History of Hacker Visits to the Old-School DeFi Protocol Balancer
Written by: David, Deep Tide TechFlow
When it rains, it pours; hackers seem to strike precisely during downturns.
In the recent sluggish cryptocurrency market, established DeFi protocols have taken another blow.
On November 3rd, on-chain data showed that the protocol Balancer was suspected of being hacked. Approximately $70.9 million worth of assets were transferred to a new wallet, including 6,850 osETH, 6,590 WETH, and 4,260 wstETH.
Subsequently, according to Lookonchain's monitoring of the related wallet addresses, the protocol's total loss from the attack rose to 116.6 million dollars.
The Balancer team stated after the event:
“A vulnerability attack that may affect the Balancer v2 pool has been discovered, and its engineering and security teams are investigating this incident as a high priority. Verified updates and follow-up measures will be shared once more information is obtained.”
In addition, the team has publicly stated its willingness to pay 20% of the stolen assets as a white hat reward for the recovery of the assets, valid within 48 hours.
The response was very timely, but also very official.
However, if you are an old player in DeFi, you would certainly not be surprised by the headline “Balancer Hacked,” but rather have a strange sense of déjà vu.
As a well-established DeFi protocol founded in 2020, Balancer has experienced six security incidents over the past five years, averaging one hacking incident each year; this one simply has the largest amount stolen among them.
History suggests that when market conditions make trading extremely difficult, earning from arbitrage in DeFi is very likely not safe either.
June 2020: Deflationary token vulnerability, resulting in a loss of approximately $520,000
In March 2020, Balancer entered the DeFi world with the innovative concept of “flexible automated market makers.” However, just three months later, this ambitious protocol faced its first nightmare.
The attacker exploited a vulnerability in the protocol's improper handling of deflationary tokens, resulting in a loss of approximately $520,000.
In short, a token called STA automatically burns 1% of the transferred amount as a transaction fee each time it is transferred.
The attacker borrowed 104,000 ETH through a dYdX flash loan and then traded back and forth between STA and ETH 24 times. Because Balancer did not correctly calculate the actual balance after each transfer, the STA in the pool was ultimately drained down to just 1 wei. The attacker then took advantage of the severe price imbalance to exchange a tiny amount of STA for a large amount of ETH, WBTC, LINK, and SNX.
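The accounting gap behind this incident, as an added Python model that is not Balancer's code: a pool that credits the nominal amount of each inbound transfer drifts away from its real balance when the token burns 1% in transit, while crediting the measured balance change keeps the two equal. The class names, the `run` helper and the amounts are constructed for illustration.

```python
BURN_BPS = 100  # 1% burned on every transfer, as described above for STA

class FeeOnTransferToken:
    """Toy token (constructed for this example) that burns 1% of each transfer."""
    def __init__(self):
        self.balances = {}

    def mint(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount

    def transfer(self, src, dst, amount):
        if self.balances.get(src, 0) < amount:
            raise ValueError("insufficient balance")
        burned = amount * BURN_BPS // 10_000
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount - burned

class Pool:
    """Hypothetical pool that keeps its own record of the token it holds."""
    def __init__(self, token, measure_received):
        self.token = token
        self.measure_received = measure_received
        self.recorded = 0  # internal bookkeeping used for pricing

    def actual(self):
        return self.token.balances.get("pool", 0)

    def transfer_in(self, user, amount):
        before = self.actual()
        self.token.transfer(user, "pool", amount)
        received = self.actual() - before
        # Hardened: credit the measured delta. Vulnerable: trust the nominal amount.
        self.recorded += received if self.measure_received else amount

    def shortfall(self):
        """Tokens the pool believes it holds but does not; must stay 0."""
        return self.recorded - self.actual()

def run(measure_received, transfers=24, amount=1_000_000):
    token = FeeOnTransferToken()
    pool = Pool(token, measure_received)
    token.mint("trader", transfers * amount)
    for _ in range(transfers):
        pool.transfer_in("trader", amount)
    return pool.shortfall()

if __name__ == "__main__":
    print("nominal accounting shortfall:", run(False))
    print("balance-delta accounting shortfall:", run(True))
```

A non-zero `shortfall()` is the invariant violation to alert on: the pool is pricing swaps against tokens it does not hold.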
March 2023: Euler incident caught in the crossfire, with losses of approximately $11.9 million
This time Balancer was an indirect victim.
Euler Finance suffered a $197 million flash loan attack, and Balancer's bb-e-USD pool was affected because it held Euler's eToken.
When Euler was attacked, approximately $11.9 million was transferred from Balancer's bb-e-USD pool to Euler, accounting for 65% of the pool's TVL. Although Balancer urgently suspended the related pools, the loss had already occurred and could not be reversed.
August 2023: Balancer V2 pool precision vulnerability, resulting in a loss of approximately $2.1 million.
This attack actually had precursors. On August 22 of that year, Balancer proactively disclosed the vulnerability and warned users to withdraw their funds, but the attack still occurred five days later.
The vulnerability involved a rounding error in the V2 Boosted Pool. By precisely manipulating the calculation of the BPT (Balancer Pool Token) supply, attackers were able to extract assets from the pool at an improper exchange rate. The attack was executed through multiple flash loan transactions, and estimates of the losses vary from $979,000 to $2.1 million depending on the security firm.
September 2023: DNS hijacking attack, resulting in losses of approximately $240,000
This was a social engineering attack, targeting traditional internet infrastructure rather than smart contracts.
Hackers compromised the domain registrar EuroDNS through social engineering tactics and hijacked the balancer.fi domain. Users were redirected to a phishing site that used the Angel Drainer malicious contract to trick them into authorizing transfers.
The attacker then laundered the stolen funds through Tornado Cash.
Although this incident was not Balancer's own fault, a tall tree catches the wind, and phishing that trades on the protocol's brand is hard to guard against.
June 2024: Velocore was hacked, resulting in a loss of approximately $6.8 million.
Velocore is an independent project, and its theft was originally unrelated to Balancer. However, as a fork of Balancer, Velocore uses the same CPMM (Constant Product Market Maker) pool design, so the incident can be considered a continuation to some extent: the theft occurred elsewhere, but the mechanism is Balancer's.
In outline, the attacker probably exploited an overflow vulnerability in Velocore's Balancer-style CPMM pool contract, manipulating the fee multiplier to exceed 100%, which resulted in a calculation error.
The attacker ultimately stole approximately $6.8 million through a flash loan combined with a carefully crafted extraction operation.
November 2025: Latest attack, losses exceeding 100 million
The technical principles of this attack have been preliminarily clarified. According to the analysis of security researchers, the vulnerability is located in the access control check of the manageUserBalance function within the Balancer V2 protocol, that is, the user permission check.
According to the analysis by security monitoring agencies Defimon Alerts and Decurity, the system should have checked whether the caller is the true owner of the account when verifying the withdrawal permissions of Balancer V2, but the code incorrectly checked whether msg.sender (the actual caller) is equal to the op.sender parameter provided by the user.
Since op.sender is a user-controllable input parameter, an attacker can easily spoof their identity, bypass permission verification, and execute the WITHDRAW_INTERNAL operation.
In plain terms, this vulnerability allows anyone to impersonate the owner of any account and directly withdraw internal balances. An access control error this fundamental is closer to a beginner's mistake, which is surprising to see in a mature protocol that has been running for 5 years.
Reflections on the History of Hacker Visits
What can we learn from this “hacker visitation history”?
My feeling is that DeFi protocols in the crypto world are better admired from afar than handled up close. From a distance, everything seems calm and peaceful, but if one truly delves in, there are likely many technical debts behind the narratives that need to be repaid.
Take the well-established DeFi protocol Balancer: one of its innovations is undoubtedly the ability to create a mixed pool with custom weights consisting of up to 8 different tokens.
Compared to Uniswap's simple design, Balancer's complexity increases exponentially.
With the addition of each token, the state space of the pool expands dramatically. When you attempt to balance the prices, weights, and liquidity of 8 different tokens in a pool, the attack surface also increases. The deflationary token attack of 2020 and the rounding error vulnerability of 2023 are essentially both cases of improper handling of boundary conditions caused by complexity.
What's worse is that Balancer has chosen a rapid iteration development path. From V1 to V2, and then to various Boosted Pools, each upgrade adds new features on top of the old code. This accumulation of “technical debt” has turned the codebase into a fragile tower of blocks.
Take the recent attack caused by permission issues: such a fundamental design flaw should not appear in a protocol that has been running for 5 years. It may also indicate that the project's code maintenance has gone out of control to some extent.
Perhaps, in a time where narrative, profit, and emotion outweigh technology, whether there are vulnerabilities in the underlying code is no longer important.
Balancer will certainly not be the last one; you never know when the black swan built up by DeFi's layers of composability will arrive. The complex network of dependencies in the DeFi world makes risk assessment nearly impossible.
Even if you trust Balancer's code, can you trust all of its integrations and partners?
For onlookers, DeFi is a novel social experiment; for participants, DeFi theft is an expensive lesson; for the entire industry, a healthy DeFi is the tuition fee that must be paid for maturity.
I just hope this tuition fee is not too expensive.