A major exploit targeting the decentralized finance protocol Balancer has resulted in over $116 million being drained from its V2 Composable Stable Pools. This attack, which occurred around 7:48 AM UTC on Monday, marks one of the largest DeFi breaches this year. The affected pools are an older version of the protocol launched in 2021. Balancer has confirmed that while they are working with security experts to understand the issue, their V3 and other pools remain unaffected. They are actively taking steps like pausing affected pools for recovery. The attack was flagged by blockchain investigators who estimated that the total stolen funds have reached $116.6 million across multiple networks, including Ethereum, Polygon, and Base. The incident also saw the attacker begin moving the funds, prompting fears of potential laundering through secondary DeFi platforms. Balancer has issued a bounty of 20% for the return of the remaining funds, but security firm Cyvers deemed the incident suspicious. Analysts are now examining the code flaw that allowed this exploit to occur and point out it was buried deep within Balancer’s shared vault system. The stolen assets include osETH, WETH, and wstETH, among others. Other DeFi projects built on Balancer’s infrastructure, including Beets Finance, have also reported losses of over $3 million. The incident highlights ongoing security concerns within the decentralized finance space and calls for improvements in code audit practices.