How 11 Audits Couldn’t Stop Balancer’s $128 Million Hack Redefining DeFi Risks

Summary

Balancer, once hailed as a stable DeFi cornerstone, suffered a massive exploit on Nov. 3 that drained over $128 million across Ethereum and multiple layer‑2 forks, slashing its total value locked by 46% to roughly $422 million. Security firms PeckShield and Phalcon traced the breach to a flaw in Balancer V2’s batch‑swap pricing logic, allowing an attacker to manipulate pool token valuations and withdraw assets before corrective mechanisms kicked in. Despite more than ten prior audits, the vulnerability exposed the limits of code reviews and highlighted the systemic risk posed by composable vault architectures that amplify damage across interconnected protocols. The incident triggered emergency pauses on chains like Berachain and heightened scrutiny of DeFi risk management and regulatory oversight.