- Trending
- Comments
- Latest
Decentralized staking platform StakeWise has recovered approximately $20.7 million stolen in the Balancer hack, representing 73.5% of its lost funds—a rare win in an industry where most DeFi exploits result in permanent losses.
The recovery comes after the protocol’s DAO emergency team worked with on-chain investigators to retrieve assets from an attack that drained over $128 million across multiple blockchain networks.
In a post shared on X (formerly Twitter) on November 4, StakeWise said its DAO emergency multisignature wallet retrieved approximately 5,041 osETH (worth about $19 million) and 13,495 osGNO (valued at $1.7 million) from the exploiter linked to the Balancer breach.
According to the protocol, the recovery accounts for 73.5% of the 6,851 osETH tokens drained during the Balancer hack. The remaining 26.5%, roughly $7 million, had been swiftly converted into Ethereum (ETH) by the attacker and could not be recovered.
StakeWise confirmed that the retrieved funds will be distributed to affected users on a pro-rata basis, restoring balances based on pre-exploit holdings.
“Our DAO emergency team worked tirelessly with on-chain investigators to retrieve the stolen assets,” the platform said. “A detailed post-mortem will follow soon.”
For transparency, StakeWise referenced the transactions through its on-chain governance forum and blockchain records available on Etherscan.
The Balancer hack originated from a critical vulnerability in the manageUserBalance function of Balancer’s V2 Composable Stable Pools which is a feature that allows users to manage liquidity positions.
The flaw enabled attackers to manipulate internal balances and convert Balancer Pool Tokens (BPTs) into underlying assets such as Ethereum (ETH) without authorization.
Blockchain security firm PeckShield later confirmed that the exploit impacted multiple layer-2 networks, including Arbitrum, Base, Polygon, Optimism, Berachain, and Sonic, all of which share parts of Balancer’s codebase.
Initial loss estimates were around $70 million, but as investigators traced more affected pools, the total climbed to over $128 million, according to analytics platform Lookonchain.
The attacker consolidated stolen tokens across several wallets and began converting portions into ETH, raising fears of further laundering through privacy mixers and cross-chain bridges.
“The Balancer hack demonstrates how interconnected vulnerabilities can cascade across multiple ecosystems,” said Dmitry Mishunin, CEO of HashEx, a blockchain security firm.
In response to the Balancer hack, the team immediately paused affected pools and activated its “recovery mode” protocol to contain further losses. The developers issued an on-chain message offering the hacker a 20% white-hat bounty valued at roughly $25.6 million in exchange for returning the remaining assets within 48 hours.
“Balancer is taking all necessary steps to secure funds and prevent similar attacks,” the protocol’s team wrote in a public statement. “We urge users to verify all communications, as scammers are impersonating team members during this period.”
Several protocols connected to Balancer’s liquidity pools including Gnosis, Berachain, and Beefy Finance temporarily suspended operations to mitigate exposure. The Balancer Foundation also enlisted cybersecurity firms such as CertiK and Trail of Bits to support its ongoing investigation and improve its code resilience.
According to Balancer’s co-founder Fernando Martinelli, the exploit underscores the urgency of stronger smart contract audits and coordinated responses among DeFi platforms. “We’re working with our partners to ensure the safety of user assets across all chains,” he said.
The Balancer hack has reignited conversations about DeFi’s systemic vulnerabilities and the role of multisig governance in emergency recoveries. Security analysts argue that while the recovery of funds by StakeWise is encouraging, it remains the exception rather than the rule.
“Recovering over 70% of stolen funds in a DeFi attack is nearly unprecedented,” said Minal Thurkal, Head of DeFi Ecosystem Growth at CoinDCX. “This case highlights how coordinated DAO action and transparent on-chain tracking can make a difference but it also reminds us how fragile some of these systems remain.”
The Balancer team continues to collaborate with blockchain forensic firms and law enforcement to trace the remaining assets, many of which were quickly converted and dispersed.
With over $128 million lost across multiple blockchains, the Balancer hack ranks among 2025’s most severe decentralized finance breaches, alongside the exploits targeting Curve Finance and Poly Network.
As DeFi protocols expand across increasingly complex cross-chain ecosystems, experts emphasize that real-time auditing, modular security designs, and community-driven incident response will be key to preventing another large-scale attack.
StakeWise’s partial recovery marks a hopeful milestone as a reminder that even in the turbulent world of decentralized finance, proactive governance and swift coordination can turn crisis into precedent.
