DeFi’s Worst Week: $129 Million Lost in Oracle and Security Exploits
The decentralized finance (DeFi) space took a massive hit as two major protocols—Moonwell and Balancer—suffered devastating losses totaling $129 million within just 48 hours. The incidents revealed critical vulnerabilities in DeFi infrastructure, leaving the community questioning security measures and their reliance on oracle systems.
Moonwell’s $1M Loss: A Chainlink Oracle Malfunction
DeFi lending platform Moonwell became the latest victim when an attacker exploited the protocol’s infrastructure on November 4. Using a sophisticated manipulation attack, the hacker took advantage of a Chainlink oracle malfunction, which temporarily mispriced an asset worth pennies to $5.8 million. They used this artificially inflated collateral to execute multiple trades, netting approximately 292 ETH (around $1.01 million) before the exploit was detected.
According to blockchain security firm CertiK, the attacker repeated this exploit seven times within three hours, carefully avoiding the protocol’s liquidation mechanisms. Moonwell’s Total Value Locked (TVL) plummeted from $268 million to $213 million in mere hours, marking a $55 million exodus, while their WELL token lost over 12% of its value, trading at approximately $0.012.
Recurring Incidents Highlight Security Gaps
This incident marks Moonwell’s fourth major hack within three years. Past exploits include a $320,000 flash loan hack in December 2024, a $1.7 million oracle-related attack on October 10, 2025, and now another $1 million exploit. Alarmingly, Moonwell removed its Immunefi bug bounty program earlier in 2025, a move that eliminated financial incentives for ethical hackers to identify vulnerabilities before attackers did.
Balancer’s $128 Million Breach
A day before Moonwell’s incident, Balancer, another prominent DeFi protocol, lost a staggering $128 million across six blockchains, including Ethereum, Polygon, Arbitrum, and Optimism. Hackers exploited access control vulnerabilities, forcing the protocol to perform emergency network halts, such as in the case of Berachain’s urgent hard fork.
These incidents underline the diversity of vulnerabilities in DeFi: while Moonwell was hit by oracle manipulation, Balancer suffered from issues with access control protocols. Combined, the events highlight the inherent risks in DeFi’s infrastructure-heavy reliance.
Why DeFi Users Should Take Caution
The rise of exploits in 2025 underscores the importance of robust security measures in decentralized finance. Dependencies on third-party infrastructure like oracle services and the absence of proactive measures, such as bug bounty programs, make protocols susceptible to increasingly sophisticated attacks.
Pro tip: If you’re part of the cryptocurrency market, consider safeguarding your assets by using hardware wallets like the Ledger Nano X, which provides secure offline storage for your digital assets.
The Road Ahead for DeFi
DeFi continues to be a landscape of opportunity and risk. As protocols grow in complexity and value, so do potential exploits. The $129 million lost to Moonwell and Balancer serves as a stark reminder for users and developers alike to prioritize infrastructure security and community-based auditing to bolster trust in the ecosystem.
