StakeWise recovers $19.3M in stolen osETH, reducing Balancer hack losses from $117M to $98M after major DeFi exploit.
StakeWise has retrieved $19.3 million in stolen funds connected to the recent Balancer protocol exploit. This recovery follows one of the largest decentralized finance attacks in 2025, bringing some relief to users affected by the breach.
$19.3M in Stolen Funds Recovered by StakeWise
StakeWise has successfully recovered 5,041 osETH, equivalent to $19.3 million, from the attacker responsible for the Balancer hack.
According to blockchain analysis from EmberCN, the recovery was made through a contract call executed by StakeWise. The retrieval has reduced the total loss from $117 million to $98 million.
今天凌晨 @stakewise_io 通过合约调用从 Balancer 黑客手上把 5,041 枚 osETH ($1930 万) 给搞回去了。
所以黑客从 Balancer 盗取的资产从 $1.17 亿下降到 $9800 万。黑客陆续把 LST 换成 ETH,目前的话已经把超过半数被盗资产换回成 ETH。
黑客地址集:https://t.co/wPWVhdtTEz
本文由… https://t.co/b5c8aBkf6J pic.twitter.com/DJjVjUy8N9
— 余烬 (@EmberCN) November 4, 2025
The attack took place on November 3 and targeted Balancer’s V2 vaults and liquidity pools. The hacker exploited a vulnerability in the way smart contracts handled authorization and callback functions during the setup of bonded pools. This allowed unauthorized balance changes and swaps.
Blockchain security firms including Nansen and PeckShield confirmed that the exploit was technical and did not involve a stolen private key. The attacker had been gradually converting LSTs to ETH, with more than half of the stolen assets already moved to Ethereum.
Balancer’s TVL and Token Value Decline
Following the hack, Balancer’s total value locked (TVL) fell sharply from $442 million to $214.5 million in under 24 hours. Data from DeFiLlama confirms this drop, which reduced on-chain liquidity by over 50%. The protocol is now working to stabilize its ecosystem and regain user trust.
Balancer’s native token BAL also experienced losses, dropping 8% within a 24-hour period after the exploit. The overall crypto market was also down, contributing to the decline. Bitcoin and Ethereum prices fell 18% and 27% respectively over the past 30 days.
The Balancer team acknowledged the attack and offered a 20% bounty to the entity responsible. A statement from the team read,
“We’re working closely with leading security researchers to fully understand the vulnerability and will release a complete post-mortem once the investigation concludes.”
Exploit Reveals Broader Vulnerabilities in DeFi
Experts noted that Balancer’s composable architecture may have made the protocol more vulnerable to the type of exploit used. The design allowed interactions across smart contracts that lacked strict controls, enabling the attacker to manipulate balances.
The Balancer hack is one of several high-profile exploits this year, raising new concerns about smart contract safety in decentralized finance. Security researchers are now analyzing how similar vulnerabilities may exist in other automated market makers.
The recovered funds offer partial relief, but most of the stolen assets are still unaccounted for. Investigations are ongoing across Ethereum, Base, and other chains where the attacker moved the funds.