Berachain Foundation has confirmed the recovery of $12.8 million lost during the Nov. 3 Balancer V2 exploit.
Summary
- Berachain recovered the full $12.8M lost in the Balancer exploit after halting and restarting its network.
- The recovery was achieved through a white-hat collaboration, with redistribution plans for affected users.
- The Balancer hack caused $128M in cross-chain losses, raising fresh concerns about DeFi composability and audit limitations.
The recovery marks a rare case of full restitution following one of 2025’s largest decentralized finance hacks.
In a late Nov. 4 update on X, the Berachain Foundation announced that all funds drained from its BEX pools had been returned to the foundation’s deployer wallet.
Swift action restores Berachain operations
The recovery was coordinated with a white-hat hacker who cooperated to return the assets following the chain’s emergency restart. The foundation said it will consider a bounty in appreciation and has begun unpausing key network functions such as HONEY minting and redemption.
Berachain (BERA) temporarily halted all swaps, deposits, and withdrawals after the exploit to prevent further losses, citing caution as the underlying Balancer vulnerability was still under review. Over 1,000 affected users will receive recovered funds through a redistribution system that matches deposits to original wallet addresses.
Apart from Berachain, liquid staking platform StakeWise has also managed to recover about $20 million in stolen assets.
Background on the Balancer exploit
The Balancer exploit on Nov. 3 targeted the protocol’s V2 Composable Stable Pools, exploiting a precision error in the “manageUserBalance” function to drain around $128 million in assets across multiple chains — including Ethereum, Arbitrum, Base, Optimism, Polygon, Sonic, and Berachain.
More than half of the stolen funds were quickly converted to ETH. Balancer entered recovery mode and offered a 20% white-hat bounty worth $25.6 million, urging the attacker to return funds within 48 hours. Despite nine audits on its vault system, the incident reignited debates around the security limits of composable DeFi architectures.
Berachain, a Cosmos-based Layer-1 network with proof-of-liquidity consensus, was affected through its Balancer fork, BEX. Its validators halted the chain within hours and issued an emergency hard fork to freeze the attacker’s assets, later recovering the full amount after negotiations with the MEV operator behind the exploit.
Following the incident, the BERA token saw a 10% decline, but it recovered after the recovery announcement, showing renewed confidence in the project’s resilience.
