Decentralized finance (DeFi) protocol Balancer is facing renewed scrutiny after on-chain data revealed an ongoing exploit that has drained over $116 million from its vaults. The incident, which is being described as one of the largest DeFi breaches of 2025, has raised urgent questions about smart contract resilience and liquidity security in decentralized ecosystems.

Blockchain security analysts first flagged suspicious transactions late Tuesday, showing large and rapid withdrawals across multiple liquidity pools holding wrapped ETH (wETH), staked tokens, and stablecoins. Within hours, Balancer’s team confirmed “abnormal activity” and advised users to halt interactions with affected vaults as investigators traced the exploit path.

Balancer Attack Follows A Pattern of Smart Contract Vulnerability

While the full scope of the Balancer breach is still being assessed, initial reports suggest the exploit may stem from a smart contract vulnerability in Balancer’s latest vault upgrade, enabling attackers to bypass withdrawal limits and siphon assets through a sequence of flash loan-based transactions. According to blockchain forensic platform PeckShield, the attacker used complex routing between DeFi protocols to hide the flow of stolen funds, a similar pattern to sophisticated, multi-layered exploits seen in the DeFi attack wave between 2024 and 2025.

The funds, which include wrapped Ether (wETH), Circle’s USDC, and Balancer Pool Tokens (BPT), have reportedly been transferred to mixer services and fresh wallet addresses in an attempt to evade traceability.

Balancer developers have since activated emergency protocols and paused several liquidity pools, urging liquidity providers (LPs) to withdraw assets from unaffected vaults. The team is collaborating with blockchain security firms and law enforcement to identify the vulnerability and possibly negotiate fund recovery.

New Balancer Attack: A Blow to DeFi’s Security Progress

The Balancer hack adds to a string of high-profile DeFi exploits in 2025 that have collectively cost the industry over $2 billion, according to Chainalysis data. Despite advances in smart contract auditing and on-chain monitoring, complex vault structures remain susceptible to composability risks — where interlinked protocols create new vulnerabilities.

This incident highlights the recurring tension between innovation and DeFi security. As protocols introduce new features to attract liquidity and improve capital efficiency, attack surfaces also expand.

If confirmed as a smart contract exploit, the Balancer breach could add to eroding investor trust at a time when DeFi protocols are pushing for mainstream legitimacy and institutional adoption. Security experts argue that the event reiterates the necessity for continuous on-chain monitoring, multi-party auditing, and formal verification of protocol upgrades before deployment.

For Balancer, one of Ethereum’s oldest DeFi platforms, this breach is a big blow and leaves the protocol with massive work toward technical recovery and in rebuilding community trust amid growing scrutiny of the broader DeFi industry.