Balancer DAO Gives Hacker Ultimatum Following $100M Protocol Breach
DeFi's latest security nightmare unfolds as Balancer DAO confronts a $100 million exploit. The decentralized autonomous organization has issued a deadline to the attacker—but will it work?
The heist ranks among 2025's largest crypto breaches, exposing vulnerabilities in automated market maker protocols. Balancer's team confirmed the attack vector involved a reentrancy exploit, a familiar foe in DeFi security.
Market watchers note the irony: while traditional finance grapples with 0.5% fraud rates, crypto's 'trustless' systems keep making headlines for nine-figure thefts. The DAO's public ultimatum includes a 10% whitehat bounty—standard practice that somehow still feels like negotiating with digital extortionists.
All eyes now watch the countdown clock. Will the hacker take the bounty or vanish into the blockchain shadows? Either way, liquidity providers are left holding the empty bag.
- Balancer DAO demands the hacker return the $100M exploit funds by the Saturday deadline.
- Attack exploited a rounding flaw in EXACT_OUT swaps across V2 Stable and v5 pools.
- DAO offers a 20% bounty and warns of legal and on-chain action if funds are not returned.
Balancer DAO has issued a direct on-chain ultimatum to the hacker responsible for a $100 million exploit of its V2 Composable Stable Pools this week. The decentralized exchange demanded that the stolen money be returned by Saturday in exchange for an unspecified bounty. Failure to comply might result in the deployment of technical, on-chain, and legal measures.
The DAO confirmed that more than $100 million in staked Ether had been drained from the protocol. The stolen assets included Wrapped Ether (WETH), StakeWise Staked ETH (osETH), and Lido’s wstETH. The tokens were transferred to a new wallet soon after the exploit. Balancer has reported that it is actively investigating the issue and will provide updates as the investigation proceeds.
On Wednesday, we sent an on-chain message to all known addresses involved in Monday's exploit, following the best practices and offering a path for the hacker to contact us and return the funds.
We understand that affected users are awaiting further updates. We will continue to…
Balancer Smart Contract Flaw Leads to Massive Breach
The attack, which was reported Monday, exposed a security hole in Balancer’s pool logic. The post-mortem report published on Wednesday showed that attackers used BatchSwaps in conjunction with a rounding error in the EXACT_OUT swap function. The attack targeted Balancer’s V2 Stable and Composable Stable v5 pools, enabling large-scale extraction of user funds.
Smart contracts on the platform had been audited by four different security firms prior to the attack. None detected the critical vulnerability. The event has renewed the debate about the reliability of DeFi audits and the safety of composable protocols. Security analysts have pointed out that even a minor logic error in an automated trading system can result in a huge loss of money.

20% Bounty Proposed Amid Blockchain Forensic Push
In its message, Balancer offered the attacker up to 20% of the stolen funds, worth over $20 million, if the assets were returned. The team also cautioned that a refusal would trigger coordinated efforts by blockchain forensics and law enforcement.
At the time of this publication, there was no response from the hacker’s wallet. Analysts speculate that the attacker may try to move the money through cross-chain bridges or privacy mixers to avoid being caught.
The Balancer exploit exposes persistent weaknesses in decentralized finance systems. Despite sophisticated audits and automation, small programming errors keep platforms open to massive thefts. The DeFi community will be watching the DAO’s recovery plan closely as a test case for blockchain-based accountability.