Balancer Offers 20% Bounty as $116M Exploit Continues

Decentralized finance protocol Balancer has confirmed an active exploit targeting its v2 pools, with stolen funds reaching $116.6 million across multiple blockchain networks.

Afterwards, the protocol announced a 20% bounty offer to the attacker for returning the compromised assets.

As the Balancer’s engineering and security teams identified the exploit, they began investigating the breach with high priority. The protocol issued its first warning through official channels as the incident unfolded.

The total value of stolen funds has escalated rapidly since the exploit began. Initial reports indicated the breach had compromised $98 million in assets across various chains.

Within hours, the stolen amount surged to $116.6 million, marking one of the largest DeFi exploits in recent memory. The attacker targeted Balancer v2 liquidity pools specifically.

Bounty Offer and Security Response

Balancer issued a formal communication offering the exploiter a 20% bounty in exchange for returning the stolen funds.

This approach follows an established DeFi practice of negotiating with hackers through on-chain messages and public statements.

The protocol’s security team coordinated with blockchain forensics experts to track the movement of stolen assets. However, multiple chains were affected by the exploit, which complicates recovery efforts.

Balancer warned users against engaging with potential phishing attempts and scam messages following the incident. The protocol emphasized that its official communication thread would not contain additional links.

Moreover, the engineering team works to identify the specific vulnerability exploited in the v2 pool architecture. The exploited Balancer v2 represents the protocol’s updated automated market maker system.

Community Alert and Ongoing Investigation

Additionally, users had received urgent warnings to secure their funds and withdraw from potentially affected pools. The protocol issued multiple alerts as the situation developed and the stolen amounts increased.

Balancer maintained communication with its community throughout the incident, promising verified updates as information became available. The team promised transparency while conducting its technical investigation.

We’re aware of a potential exploit impacting Balancer v2 pools.

Our engineering and security teams are investigating with high priority.

We’ll share verified updates and next steps as soon as we have more information.

— Balancer (@Balancer) November 3, 2025

The exploit occurred through a specific vulnerability in Balancer v2 pools, though technical details of the attack vector remained under investigation.

Simultaneously, the protocol avoided disclosing specific security weaknesses while the threat remained active.

Meanwhile, the attacker continued moving funds across different blockchain networks, complicating tracking and recovery efforts. Cross-chain bridges appeared to facilitate the movement of stolen assets.

DeFi security researchers joined the investigation, analyzing on-chain data to understand the exploit mechanism. The community mobilized to track wallet addresses associated with the stolen funds.

Balancer emphasized that its final official message would be posted in its communication thread. Users were instructed not to trust any subsequent messages or links appearing below the protocol’s last verified update.

The $116.6 million exploit represents a significant security breach for the DeFi ecosystem. Balancer v2 pools contained substantial liquidity from users providing assets to automated market makers.

Following this incident, attention turned to whether the attacker would accept the 20% bounty offer. Historical precedent shows mixed results from such negotiations in the DeFi space.

The protocol continued monitoring affected pools while developing a comprehensive response plan. Security audits of the v2 pool architecture were expected to intensify following the breach.

Balancer’s team worked to verify the full scope of the exploit before issuing detailed technical disclosures. The investigation remained ongoing as authorities and blockchain analysts tracked the stolen funds.