● NFT LIVEVol 24h: $501.3KFloor Avg: 9.69 ETHTop Chain: ETHEREUM
Bored Ape Yacht Club 9.14 ETH ▲ 2.1%CryptoPunks 32.7 ETH ▲ 0%Mutant Ape Yacht Club 1.35 ETH ▼ 1.1%Azuki 0.82 ETH ▲ 0%Pudgy Penguins 4.44 ETH ▲ 3%Bored Ape Yacht Club 9.14 ETH ▲ 2.1%CryptoPunks 32.7 ETH ▲ 0%Mutant Ape Yacht Club 1.35 ETH ▼ 1.1%Azuki 0.82 ETH ▲ 0%Pudgy Penguins 4.44 ETH ▲ 3%
token of power exploit drains 1 58 million from balancer pool thumbnail

Token of Power exploit drains $1.58 million from Balancer pool

A Token of Power exploit has reportedly drained $1.58 million from a Balancer pool, according to multiple blockchain security firms that flagged the incident on X.

Token of Power exploit drains $1.58 million from Balancer pool

What happened in the Token of Power exploit

Blockchain security firm Blockaid flagged the exploit involving a token called Token of Power, reporting that $1.58 million was drained from a Balancer liquidity pool.

Security monitors CyversAlerts and PeckShield also posted alerts about the incident, corroborating the initial report.

TLDR: KEY POINTS

  • A Token of Power exploit drained $1.58 million from a Balancer liquidity pool.
  • Multiple security firms, including Blockaid, CyversAlerts, and PeckShield, flagged the incident.
  • The exploit method, attacker identity, and protocol response remain unknown at this time.

The specific mechanism used to execute the exploit has not been publicly confirmed. No details about the attacker’s wallet, the vulnerable contract, or the exact tokens removed from the pool have been verified at this stage.

Why the Balancer pool drain matters

A liquidity pool drain differs from a simple token price drop because it directly removes assets deposited by liquidity providers. In a pool exploit, LPs lose their deposited funds rather than simply experiencing unrealized losses from price movement.

The incident is notable for DeFi users who provide liquidity on Balancer or interact with lesser-known tokens paired in its pools. Exploits targeting specific token pools have been a recurring theme in DeFi security, similar to how a compromised employee laptop recently led to a $36 million exploit at Humanity Protocol.

No information is available about whether affected liquidity providers will receive any reimbursement or whether Balancer has paused the affected pool.

What remains unknown

Several critical details have not been confirmed. The exploit vector, whether it involved a flash loan, a reentrancy bug, price manipulation, or another technique, has not been disclosed by any of the security firms that flagged the incident.

No official statement from the Balancer team or the Token of Power project has surfaced. The attacker’s identity, the destination of the drained funds, and whether any portion has been frozen or recovered are all unresolved.

As DeFi security incidents continue to draw scrutiny, with legal enforcement actions increasing across the crypto space and regulators weighing new frameworks for crypto exposure, subsequent reporting and on-chain analysis may clarify the full scope of this exploit.

Additional source references: source document 1, source document 2.

Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.