Balancer Hacker Moves Stolen Funds to Ethereum

Key Takeaways:

Balancer hacker converted stolen assets into Ethereum to obscure traces.
$116.6M total loss, with 85% from Ethereum network.
Stakewise DAO recovered $21M—over 73% of stolen osETH.
Compensation plan and full post-mortem report coming soon.

Ethereum Chosen by Balancer Hacker to Launder Stolen Assets

The hacker behind the $116.6 million Balancer DeFi exploit has begun converting the stolen assets into Ethereum (ETH), deepening concerns about recovery prospects. According to on-chain analytics platform Lookonchain, the attacker is rapidly swapping various stolen tokens for ETH, making it harder to trace and reclaim the funds.

Also Read: What Is Ethereum Staking? How It Works, Benefits, and Risks Explained

Most of the losses—about $99.5 million (85%)—originated from the Ethereum network. The rest were distributed across chains like Arbitrum ($7.9M), Base ($3.9M), and Sonic ($3.4M), with smaller allocations to OP Mainnet and Polygon.

Breakdown of the Exploited Tokens

The attack targeted a broad range of assets, including staking-related tokens such as Lido’s stETH, Frax, Rocket Pool’s rETH, and Balancer V2 pool tokens. Etherscan data shows that the attacker transferred 6,851 osETH, 4,259 wstETH, and 6,587 WETH to an address now labeled “Balancer Exploiter 2.”

These transfers underscore the sophisticated planning behind the breach, as the attacker utilized multiple pools and token types to mask the fund flow and maximize liquidity.

Stakewise DAO Recovers $21M in Stolen Assets

In a swift counteraction, Stakewise DAO, an Ethereum liquid staking protocol, recovered a significant portion of the stolen assets. Through emergency multisig operations, the team reclaimed 5,041 osETH (≈$19.3M) and 13,495 osGNO (≈$1.7M)—representing over 73% of the osETH stolen and full recovery of osGNO tokens.

Stakewise confirmed that the remaining osETH was unrecoverable, as the hacker had already converted it into ETH.

Just half an hour earlier, StakeWise DAO emergency multisig has executed a series of transactions, recovering ~5,041 osETH (~$19M) and 13,495 osGNO (~$1.7M) tokens from the Balancer exploiter.

On Ethereum mainnet, this represents 73.5% of the ~6,851 osETH stolen earlier today,… pic.twitter.com/b43EGf92hm
— StakeWise (@stakewise_io) November 3, 2025

Compensation and Future Safeguards

Stakewise will redistribute the recovered funds pro rata to affected users of Balancer’s V2 pools, using their pre-exploit balances as a reference. The team also plans to release a detailed post-mortem report explaining the recovery process and outlining new measures to strengthen protocol security.

The event underscores both the persistent vulnerabilities in DeFi protocols and the growing effectiveness of coordinated recovery efforts.

Key Takeaways:

Ethereum Chosen by Balancer Hacker to Launder Stolen Assets

Breakdown of the Exploited Tokens

Stakewise DAO Recovers $21M in Stolen Assets

Compensation and Future Safeguards

Related News

Polkadot Price Consolidation Signals Opportunity

Why the Avalanche Are Crushing the Competition Right Now

$100M Inflows Spark Bullish Signs for Sui – But Risks Remain

$3 to $5: How Toncoin Could Rewrite Crypto Growth Stories