DeFi Hacks Shrink but Flaws Now Hit Six Chains Simultaneously

DeFi losses have dropped sharply since their 2022 peak, but a new breed of risk is emerging – one that can drain funds across multiple chains at once. Industry-wide protocol losses fell from $2.62 billion in 2022 to $534 million in 2024, an 80% plunge that marks a significant improvement in DeFi security.

Bridge exploits, once the headline-grabbing culprits behind billion-dollar heists, now represent just a fraction of total DeFi losses. In particular, the $1.9 billion lost to nine bridge hacks in 2022 – including the notorious Ronin Bridge’s $624 million breach – dwindled to only 3% of losses by 2025.

That sounds reassuring until you consider a newer, more insidious threat: repeated deployment of identical codebases across several chains. This architectural convenience turns a single coding oversight into a multisystem vulnerability. Case in point: last November’s $128 million drain from Balancer V2 Composable Stable Pools, which hit six blockchains simultaneously – Ethereum, Arbitrum, Base, Polygon, OP Mainnet, and Sonic.

The culprit was an arithmetic precision bug that allowed attackers to manipulate token balances by nudging values onto rounding boundaries, then amplifying tiny errors through chained swaps until funds were fully drained. The flaw survived eleven security audits, underscoring the subtlety and complexity of modern DeFi vulnerabilities.

While the median loss per incident fell from $6 million in 2022 to $1.5 million in 2025, the number of individual exploits–83 last year–actually rose. This pattern suggests a maturing security landscape: attacks remain frequent but do less damage.

Nevertheless, the risk morphs rather than disappears. As multisystem exploits become viable through code replication, the attack surface widens, potentially sparking systemic shocks that cross not just projects but entire ecosystems.

Traders and developers must watch for such cross-chain deployment vulnerabilities. The Balancer case sets a precedent: audit coverage alone isn’t enough. Defensive strategies will need to evolve beyond basic checks to analyzing shared codebases across all supported chains.

Ethereum remains the hub where most of these exploits surface, making its security developments particularly relevant. Investors should track upcoming protocol updates and patch cycles carefully, especially when protocols replicate code on multiple Layer-2s or sidechains.

As DeFi grows deeper roots in multi-chain environments, the next big exploits might not be about single-chain bridge failures anymore but about simultaneous collapses triggered by one shared bug. That raises stakes for auditing firms and protocol teams alike in crafting truly cross-chain resilient code.