Balancer, a decentralized finance protocol, recently reported a $116 million hack resulting from a complex code exploit. The attack specifically targeted Balancer v2 Stable Pools and Composable Stable v5 pools, leaving other pool types unharmed. The hacker exploited a rounding function in the Stable Pools that was supposed to round down token prices but was manipulated to siphon funds through BatchSwaps. This feature allowed the attacker to bundle multiple actions in one transaction, including flashloans. The stolen funds often stayed in the Vault as internal balances before being withdrawn in later transactions. The hackers demonstrated advanced skills, preparing for months and utilizing small Tornado Cash deposits to obfuscate their trail. In response, Balancer collaborated with cybersecurity experts and other crypto protocols to recover some of the stolen assets, managing to freeze or reclaim approximately $21 million in total, including over 5,000 Staked ETH and osGNO tokens. In the wake of the incident, Balancer paused all affected pools and halted the creation of new vulnerable pools until the underlying issues are resolved. They also offered a 20% bounty for the return of the stolen funds, but no one had claimed it by the time of the report.