Berachain initiates emergency Hard Fork! On-chain shutdown, white hat hackers in contact, 12 million dollars expected to be recovered.

After the cross-chain protocol Balancer V2 encountered a major security vulnerability, the Layer 1 blockchain project Berachain was also affected, with its decentralized exchange BEX becoming a target of the attack, resulting in losses of up to $12 million. To prevent further losses and recover stolen funds, the Berachain Foundation has urgently initiated a hard fork and suspended the entire chain's operations. The patch (binary) has been sent, and it will be back online after the core infrastructure updates.

Vulnerability Origin: Balancer V2 Exploit Affects Multiple Chains and Fork Projects

The attack originated from an exploit of the Balancer V2 vulnerability on November 3rd, where hackers abused the access control mechanism through two Ethereum transactions in just 90 seconds, forging transaction fees and converting them into withdrawable assets. According to statistics from blockchain analytics firm Nansen, this attack resulted in a total loss of approximately $128 million across liquidity pools on chains such as Ethereum, Arbitrum, Base, and Polygon.

Berachain's BEX DEX is based on the Balancer V2 architecture, with its Ethena/Honey three-pool being the first to be affected, resulting in a loss of approximately 12 million USD.

(Balancer chain reaction? Stream Finance exploded with a loss of 93 million dollars, xUSD decoupled and collapsed)

Emergency Response: Berachain Entire Chain Stopped, Initiating Hard Fork

The Berachain Foundation immediately responded after the incident by instructing validators to completely suspend block production and quickly began releasing a hard fork version to prevent funds from escaping. According to the official announcement on social media platform X (formerly Twitter) and on their blog, this version has now been successfully distributed to most validators, and some nodes have completed the upgrade.

RPC has become the main reason for the restart, waiting for infrastructure updates.

The officials stated that before the chain is restarted and blocks are generated, it is necessary to ensure that all critical infrastructure (such as the clearing oracle, etc.) has completed the RPC (Remote Procedure Call) upgrades. “These RPCs are currently the main obstacle to the recovery of operations on the chain,” the Berachain team pointed out.

Next, the team will coordinate with cross-chain bridge protocols, Centralized Exchange (CEX) partners, custodians, and others to fully restore services.

Non-native assets are widely interconnected, and the complexity of handling them is higher than that of a typical Hard Fork.

Berachain pointed out that this incident not only affects the native token BERA but also impacts other assets on the chain, so it cannot be simply resolved through a single Hard Fork. This also explains why a network suspension and complex asset state rollback are necessary, along with the simultaneous integration of multiple infrastructure supports, in order to ensure a complete overall repair.

White Hat Hackers Emerge: Funds Stolen from BEX May Be Fully Returned

In the latest announcement, the Berachain team revealed that they are currently in communication with an MEV bot operator holding the stolen BEX funds. The operator has been active on Berachain for several months, claiming to be a “white hat hacker” and expressing willingness to pre-sign transactions to return the funds to the official deployer address once the chain is back online.

Officially confirmed fund return address and on-chain message

Berachain further confirms that the funds will be returned to the deployer's address.

0xD276D30592bE512a418f2448e23f9E7F372b32A2

The address has issued a message on the blockchain as a basis for verifying the return instruction:

On-chain message 1

On-chain message 2

If everything goes smoothly, the fund return procedure can be officially executed after the on-chain reboot.

After the on-chain restart, security upgrades and future plans will be implemented.

Berachain stated that once the chain is operational again, they will fully disclose the security measures taken during this incident, including the upgrades to BEX, core applications, and Berachain itself. Additionally, the team will outline the follow-up development plans for BEX and the potential chain reactions that may arise from this incident.

Although the “downtime” of the Blockchain network has always been a controversial topic under the concept of Decentralization, Smokey The Bera, co-founder of Berachain, believes that it is a “controversial but necessary” choice to prioritize the maximum protection of user assets.

On-chain investigator ZachXBT also publicly supports this action, emphasizing that it is the right decision to put users first.

This article discusses Berachain launching an emergency Hard Fork! The chain is down, and white hat hackers are in contact, with the hope of recovering 12 million USD. This was first reported by Chain News ABMedia.