{"id":90623,"date":"2025-11-04T12:49:59","date_gmt":"2025-11-04T09:49:59","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=90623"},"modified":"2025-11-04T12:50:28","modified_gmt":"2025-11-04T09:50:28","slug":"berachain-executes-emergency-hard-fork-following-128-million-balancer-breach","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/berachain-executes-emergency-hard-fork-following-128-million-balancer-breach\/","title":{"rendered":"Berachain Executes Emergency Hard Fork Following $128 Million Balancer Breach"},"content":{"rendered":"<p>The Berachain Foundation team initiated an emergency hard fork following the <a href=\"https:\/\/forklog.com\/en\/news\/balancer-defi-protocol-suffers-128m-hack\">breach<\/a> of Balancer, which resulted in a $128 million loss. The network was halted to address a vulnerability in its native <a href=\"https:\/\/forklog.com\/en\/news\/what-is-a-decentralised-exchange-dex\">decentralized exchange<\/a> known as BEX.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Bera core update:<\/p>\n<p>The binary for the hard fork has been circulated and many of the validators have upgraded. Prior to going live and producing blocks once again, we&#8217;d like to ensure that core infrastructure partners necessary for chain operations (oracles for liquidations etc)\u2026<\/p>\n<p>\u2014 Berachain Foundation \ud83d\udc3b\u26d3 (@berachain) <a href=\"https:\/\/twitter.com\/berachain\/status\/1985520815677288529?ref_src=twsrc%5Etfw\">November 4, 2025<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The vulnerability in BEX, a fork of Balancer V2, was part of a larger attack. On November 3, the breach affected DeFi protocol pools across Ethereum, <a href=\"https:\/\/forklog.com\/en\/news\/what-is-arbitrum\">Arbitrum<\/a>, <a href=\"https:\/\/forklog.com\/en\/news\/what-is-base-coinbases-l2\">Base<\/a>, and <a href=\"https:\/\/forklog.com\/en\/news\/what-is-polygon-matic\">Polygon<\/a> networks. Approximately $12 million was drained from the ENA\/HONEY liquidity pair on BEX.<\/p>\n<p>According to Nansen analysts, the incident was caused by a failure in the access control mechanism. This allowed the perpetrator to generate fake fees and withdraw them as real assets.<\/p>\n<p>The hard fork will block the movement of stolen tokens beyond the network and prevent further attacks. Developers have already distributed the update to validators.<\/p>\n<p>The network will resume operations once key infrastructure partners update their <span data-descr=\"remote procedure call\" class=\"old_tooltip\">RPC<\/span> servers. The team described this as the &#8220;main obstacle to resuming operations&#8221; in their statement.<\/p>\n<p>Foundation representatives are negotiating with the <a href=\"https:\/\/forklog.com\/en\/news\/what-is-mev-in-ethereum\">MEV<\/a> operator holding the withdrawn funds. The operator has expressed willingness to return the assets after the network relaunch, describing themselves as a &#8220;white hat hacker.&#8221;<\/p>\n<p>Following the network&#8217;s restoration, the Berachain team promised to publish a report on security measures and future plans for BEX development.<\/p>\n<h2 class=\"wp-block-heading\">11 Audits<\/h2>\n<p>According to <a href=\"https:\/\/github.com\/balancer\/balancer-v2-monorepo\/tree\/master\/audits\">GitHub<\/a>, Balancer V2 smart contracts underwent 11 audits by four companies: OpenZeppelin, Trail of Bits, Certora, and ABDK. The last audit took place in September 2022.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>&#8220;The [Balancer] vault was audited three times by different firms, yet it was still hacked. This industry needs to acknowledge that &#8216;audited by X&#8217; means almost nothing. Code is complex, and DeFi is even more so,&#8221; wrote Suhail Kakar, Head of Developer Relations at blockchain project TAC.<\/em><\/p>\n<\/blockquote>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">balancer went through 10+ audits. the vault was audited 3 separate times by different firms<\/p>\n<p>still got hacked for $110M<\/p>\n<p>this space needs to accept that &#8216;audited by X&#8217; means almost nothing. code is hard, defi is harder<\/p>\n<p>it is unfortunate but hope the team recovers <a href=\"https:\/\/t.co\/nZzVzCdqDO\">pic.twitter.com\/nZzVzCdqDO<\/a><\/p>\n<p>\u2014 Suhail Kakar (@SuhailKakar) <a href=\"https:\/\/twitter.com\/SuhailKakar\/status\/1985331523646615664?ref_src=twsrc%5Etfw\">November 3, 2025<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The Balancer team <a href=\"https:\/\/etherscan.io\/tx\/0xbf9875045085cdb1b44822dd6ed68c9e5970b102d6fa9a98c64f7a5a1eba60a7\">offered<\/a> the hacker a reward of 20% of the stolen amount. The condition is a full return of the funds within 48 hours. If refused, the protocol threatened to engage blockchain forensic experts and law enforcement.<\/p>\n<p>Back in August 2023, Balancer developers <a href=\"https:\/\/forklog.com\/en\/news\/balancer-team-urged-users-to-withdraw-funds-from-pools\">reported<\/a> a critical vulnerability affecting several pools of the second version of the DeFi platform.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Berachain Foundation initiated an emergency hard fork following the Balancer breach. The network was halted to address a vulnerability in the native DEX known as BEX.<\/p>\n","protected":false},"author":1,"featured_media":90624,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"Berachain initiated a hard fork after Balancer's $128M breach to fix BEX vulnerability.","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1856,44,1093,787],"class_list":["post-90623","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-balancer-bal","tag-cybercrime","tag-defi","tag-dex"],"aioseo_notices":[],"amp_enabled":true,"views":"378","promo_type":"1","layout_type":"1","short_excerpt":"Berachain initiated a hard fork after Balancer's $128M breach to fix BEX vulnerability.","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/90623","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=90623"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/90623\/revisions"}],"predecessor-version":[{"id":90625,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/90623\/revisions\/90625"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/90624"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=90623"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=90623"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=90623"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}