Balancer hack was reported at 09:18 UTC on November 3, 2025, after Balancer V2 smart contracts were exploited, draining roughly $117,461,646 across multiple addresses.
How did the Balancer hack target the Balancer V2 smart contract and trigger a Beets.fi security alert
On-chain traces indicate the exploit focused on Balancer V2 smart contracts, allowing attackers to manipulate pool balances and withdraw staked ETH liquidity. The incident touched liquidity tied to Beets.fi (Beethoven X), which issued a security alert, and to Berachain, which paused liquidity mining to limit contagion.
Note: teams that forked the Balancer codebase were advised to run emergency audits as investigations continue.
Which wallets received funds in the Balancer hack and what was the breakdown?
Key addresses and totals
On-chain analysis links three main Ethereum addresses to the incident: 0xaa76…8e3f, 0x827…80f4 and 0x0453…941c. The cumulative on-chain total across these wallets is about $117,461,646.
- 0xaa76…8e3f — roughly $100M; token mix reported around 63.98% WETH, 26.92% osETH and 9% wstETH.
- 0x827…80f4 — roughly $13.5M.
- 0x0453…941c — roughly $3.7M.
Investigators continue a balancer exploit wallet trace to monitor swaps and bridges that could move funds into centralized on‑ramps.
What does the Balancer hack mean for forked projects and decentralized finance security?
Market reaction was immediate: BAL fell about 5% following initial reports, according to CoinDesk, while liquidity providers reassessed exposure to Balancer V2 pools. Institutional and retail participants are likely to tighten risk controls around forked implementations.
Beets.fi’s security alert and Berachain’s liquidity pause were precautionary steps to stem withdrawals. Tip: projects that reuse open‑source liquidity code should prioritise emergency patches and audited upgrades.
In brief: the exploit routed roughly $117.5M through identified addresses, pressured BAL prices, and prompted platform‑level pauses and alerts as on‑chain tracing continues.