StakeWise Recovers $19M osETH, Cuts Balancer Hack Loss to $98M

On November 3, a callback flaw in Balancer V2’s Composable Stable Pools manageUserBalance function was exploited, draining about 6,851 osETH (over $25 million) and 13,495 osGNO. The attacker converted more than half the stolen assets into ETH. Following the Balancer hack, StakeWise’s DAO emergency multisig recovered 5,041 osETH (~$19.3 million), reducing net losses from $117 million to $98 million and reclaiming 73.5% of the stolen osETH; the remaining 26.5% (approx $7 million) remains unrecovered. Balancer paused vulnerable pools, issued a 20% white-hat bounty (~$25.6 million) for full fund return, and warned users of potential scams. In the 24 hours after the Balancer hack, TVL fell from $442 million to $214.5 million and the BAL token dropped 8%. Broader market weakness saw BTC and ETH decline 18% and 27% over the past month. Security firms Nansen and PeckShield confirmed the breach was a technical exploit, not a key theft. Recoveries will be redistributed pro-rata to affected users once a full post-mortem is published. Experts warn that similar smart contract flaws could threaten other DeFi platforms.