Deutsch한국어 日本語中文EspañolFrançaisՀայերենNederlandsРусскийItalianoPortuguêsTürkçe
Portfolio TrackerSwapBuy CryptoCryptocurrenciesPricingWalletNewsEarnBlogNFTWidgetsCoinStats MidasDeFi Portfolio Tracker24h ReportPress KitAPI Docs

THORChain Suffers Second Exploit in July as "Whitehat" Hacker Takes $8 Million Worth of Crypto

3y ago
bullish:

1

bearish:

0

image

Key highlights:

  • THORChain has suffered another exploit, with a "whitehat" hacker taking $8 million worth of funds and requesting a 10% bounty
  • The hacker says that they could have caused even more damage if they wished to do so
  • THORChain has been halted until a review of chain clients is completed

THORChain suffers yet another multi-million dollar exploit

July hasn’t been a great month for the THORChain project, as the cross-chain liquidity protocol has suffered its second multi-million dollar exploit this month. A hacker exploited a vulnerability in THORChain’s ETH Router, resulting in losses of around $8 million worth of ETH and ERC20 tokens. In the previous exploit from July 16, around $5 million of ETH and ERC-20 was stolen.

According to the official THORChain Twitter account, the liquidity providers whose funds were affected by the exploit will be “made whole in the coming weeks”. 

In response to the exploit, THORChain has been halted until an internal and external review of all chain clients. Per THORChain explorer Viewblock, the last THORChain block was mined about 15 hours ago as of the time of this writing. 

The latest THORChain exploit seems to have been the work of a white hat hacker. In a message included in the transaction’s input data, the hacker said that they could have caused even more damage by also stealing BTC, BNB and BEP20 tokens. The hacker also urged THORChain to audit their code and not rush code that’s safeguarding “9 figures” worth  of crypto assets.

The hacker is asking for a 10% bounty on the “proceeds” of the exploit, and THORChain says that they intend to award it.

News of the new exploit had a negative impact on the market for RUNE, THORChain’s native token. RUNE took a 16.8% hit in the last 24 hours, and is down 43% in the last 30 days.

The latest THORChain exploit is just another reminder that while DeFi may be a very exciting and potentially lucrative sector, investors should be exercising a lot of caution before parking their hard-earned crypto into on-chain protocols. In fact, one of the reasons why DeFi yields can be so high is precisely the risk of smart contract exploits.

3y ago
bullish:

1

bearish:

0

Manage all your crypto, NFT and DeFi from one place

Securely connect the portfolio you’re using to start.