$120 Million Evaporated by Morning: How Hackers Bypassed 10 Audits and What North Korea's Missile Program Has to Do With It
The Balancer hack put DeFi projects at risk.
The Balancer hack put DeFi projects at risk.
Hackers compromised the DeFi protocol Balancer and stole cryptocurrency worth over $120 million. According to analyst estimates, about $99 million of that is in Ethereum (ETH). The incident occurred early in the morning on November 3rd and became one of the largest hacks in the DeFi space in recent months.
The Balancer team confirmed the breach and stated that an investigation is underway. According to their experts, the attack was made possible by a vulnerability in the access control mechanisms, which allowed the attackers to gain unauthorized control over a part of the protocol and withdraw assets from several liquidity pools.
After detecting the attack, the developers suspended all vulnerable pools and put them into recovery mode. However, some crypto platforms connected to Balancer were outside their direct control, so they continued operating as usual. Company representatives emphasized that the project regularly undergoes independent audits and has long maintained a bug bounty program. The team is now working with lawyers and external experts to establish all the circumstances of the incident and has also warned users about the appearance of fake messages posing as the Balancer security service.
In the wake of the incident, several other participants in the DeFi ecosystem took emergency measures. The Berachain Foundation temporarily halted its network to prevent further losses and reported freezing a portion of the stolen assets. Projects like Gnosis, Sonic, and Beefy took similar steps. Balancer had faced security incidents before, but the company had never experienced losses on such a scale. Over the years, the project had undergone about 10 audits by major blockchain firms.
Just a week earlier, another DeFi project—Garden Finance—lost about $10.8 million in a similar hack. According to Elliptic, in the first 9 months of 2025, criminals stole over $2 billion in cryptocurrency. A significant portion of these funds, according to international agency estimates, may have been stolen by hackers linked to the North Korean government, which uses digital asset theft as a source of funding for its missile program.
A joint report published by the governments of the United States, France, Germany, Japan, and other countries indicated that between January and September 2025, Pyongyang acquired at least $1.65 billion in cryptocurrency through such attacks.
