Berachain Rushes Hard Fork After $12M Exploit Drains Key Pool

TLDR

• Berachain Foundation has distributed an emergency hard fork binary to validators following a major exploit.
• The attack drained approximately $128 million from Balancer V2 pools across Ethereum, Arbitrum, Base, and Polygon networks.
• Berachain’s BEX decentralized exchange lost around $12 million primarily from its Ethena/Honey tripool.
• Validators halted the Berachain network on November 3 to prevent further unauthorized token movements.
• Nansen identified a faulty access-control mechanism that allowed the attacker to fabricate fees within 90 seconds.

Berachain Foundation has distributed a hard fork binary to validators following a major exploit. The attack targeted Balancer V2 pools and affected multiple blockchain networks. Validators have begun upgrading their systems to prevent further unauthorized token movements.

Berachain BEX Loses $12M in Balancer Exploit

Berachain validators stopped the network on November 3 after a serious security breach. The exploit drained approximately $128 million from Balancer V2 pools across several chains. Ethereum, Arbitrum, Base, and Polygon networks were among those affected by the attack.

Blockchain analytics firm Nansen identified a faulty access-control mechanism as the root cause. The attacker created fabricated fees and converted them into withdrawable assets. Two Ethereum transactions executed within 90 seconds enabled the entire operation.

The vulnerability extended to BEX, which operates as a fork of Balancer V2. Berachain’s decentralized exchange lost around $12 million in the incident. The “Ethena/Honey tripool” on BEX sustained the majority of the losses.

Emergency Hard Fork Addresses Security Vulnerability

The foundation stated that many validators have completed the binary upgrade process. The hard fork prevents exploited tokens from leaving the Berachain network. It also blocks potential future attacks on the platform’s infrastructure.

“Prior to going live and producing blocks once again, we’d like to ensure that core infrastructure partners necessary for chain operations have updated their RPCs,” the foundation wrote. Infrastructure partners remain the main obstacle to resuming normal operations. The team is coordinating with these partners to complete necessary updates.

The incident affected non-native assets beyond BERA tokens. This complexity requires more than a simple hard fork solution. The foundation explained that a full rollback or rollforward process is necessary.

MEV Bot Operator Signals Willingness to Return Funds

Berachain Foundation is negotiating with the current holder of the drained assets. The holder operates an MEV bot and claims to be a “white hat” actor. The operator has indicated willingness to pre-sign transactions for fund returns.

The funds will be returned once Berachain resumes normal operations. The foundation plans to implement additional safety measures across BEX and other applications. Details about these security enhancements will be shared after the chain goes live.

Co-founder Smokey The Bera described the network halt as “contentious but necessary.” The action aimed to protect user deposits from further losses. On-chain investigator ZachXBT endorsed the pause as a user-focused decision.

The foundation will provide information about future plans for BEX. It will also address second-order effects from the 24-hour incident. Berachain continues working toward full network restoration.

The post Berachain Rushes Hard Fork After $12M Exploit Drains Key Pool appeared first on CoinCentral.