At around 7:48 AM UTC, an exploit targeted Balancer V2 Composable Stable Pools, marking one of the most significant security incidents in the Ethereum ecosystem this quarter.
Balancer confirmed that it is actively working with top blockchain security researchers to investigate the breach and will release a detailed post-mortem report soon.
Because many of the affected pools had been operating on-chain for several years, some were outside the pause window. Pools that could be paused were immediately placed into recovery mode.
All other Balancer pools remain unaffected, and the issue is isolated to Balancer V2, with Balancer V3 and other pools remaining secure.
The company reaffirmed its commitment to operational security, having undergone multiple independent audits and maintained long-running bug bounty programs.
Security Alert:
Balancer warned users about fraudulent messages claiming to be from its security team. Official updates will only be shared via:
- The official Balancer X (Twitter) account
- The official Balancer Discord server
Recovery Update: $21 Million Retrieved
Roughly half an hour after the exploit, StakeWise DAO’s emergency multisig executed a series of on-chain recovery transactions, successfully reclaiming about 5,041 osETH (~$19M) and 13,495 osGNO (~$1.7M) from the attacker.
On Ethereum mainnet, this represents around 73.5% of the 6,851 osETH stolen earlier in the day the maximum possible recovery, as the attacker had already converted the remainder into ETH.
All osGNO tokens were fully recovered.
StakeWise DAO announced that the recovered funds will be returned to affected users based on their pre-exploit balances (pro-rata distribution).
A full post-mortem report and next steps are expected to be published soon.
X source: https://x.com/Balancer/status/1985390307245244573