$10M Gone: Thorchain Exploit Triggers Security Fears Across DeFi

bitcoinistPublicado a 2026-05-17Actualizado a 2026-05-17

Resumen

Blockchain tracker Arkham Intelligence has identified wallets linked to a THORChain exploit, holding approximately $3 million in Bitcoin and 216 ETH. On-chain investigator ZachXBT first reported the suspicious activity, estimating total losses now exceed $10 million. The attackers moved assets like USDT, USDC, and wrapped Bitcoin across multiple chains before converting to ETH. The cross-chain trading protocol was hit simultaneously on Bitcoin, Ethereum, BNB Chain, and Base. Security firm PeckShield confirmed the breach. Following the news, THORChain's native token RUNE dropped nearly 14%. The project's team had not issued a public statement at the time of reporting, increasing market anxiety. This incident highlights the recurring vulnerability of cross-chain infrastructure in DeFi, where complex code can create significant security risks. The stolen funds remain in the identified wallets for now.

Blockchain tracking firm Arkham Intelligence has labeled a set of suspicious wallets as “THORChain Exploiter” addresses, with one Bitcoin-linked wallet holding close to 36.85 BTC — worth roughly $3 million — and a separate Ethereum wallet carrying around 216 ETH. The funds are sitting there, visible on-chain, linked to two addresses that security researchers have already flagged publicly.

Who Found It First

The person who spotted the attack before anyone else did was on-chain investigator ZachXBT. He reported suspicious movement tied to THORChain’s router infrastructure, describing how attackers shifted roughly $7.2 million in assets — including USDT, USDC, and wrapped Bitcoin — across several blockchains before converting them into ETH.

His initial estimate of losses above $7.4 million was later revised upward. The total stolen, according to ZachXBT, may now exceed $10 million.

THORChain is a cross-chain trading protocol that lets users swap crypto assets across different blockchains without relying on a centralized exchange. That design also means its infrastructure touches multiple networks at once — and in this case, that became a vulnerability. The attack hit Bitcoin, Ethereum, BNB Chain, and Base simultaneously.

Security firm PeckShield independently confirmed the breach. Based on their estimates, attackers walked away with around 36.75 BTC worth close to $3 million, along with roughly $7 million more pulled from the Ethereum, BNB Chain, and Base ecosystems.

BTCUSD now trading at $77,926. Chart: TradingView

Markets React, Team Goes Quiet

RUNE, THORChain’s native token, dropped close to 14% in the hours following news of the breach, sliding toward the $0.50 mark as traders moved to cut their exposure. The price drop was fast. The official response was not.

As of reporting, THORChain had not issued a public statement explaining the scope of the exploit or what steps were being taken to address it.

That silence has added to the anxiety in the market. The protocol survived earlier security incidents by tapping into treasury reserves and recovery mechanisms, but without clarity from the team, it is difficult to know whether a similar path is possible this time.

A Pattern That Keeps Repeating

Cross-chain infrastructure has repeatedly been the site of major losses in decentralized finance. Bridges and routing systems that connect different blockchains require complex code — and complex code creates more opportunities for something to go wrong. The THORChain attack fits that pattern.

The stolen assets remain in the flagged wallets for now. Whether they stay there is another question.

Featured image from Unsplash, chart from TradingView

Preguntas relacionadas

QHow much was stolen in the THORChain exploit according to the latest estimate by on-chain investigator ZachXBT?

AAccording to the latest estimate by on-chain investigator ZachXBT, the total stolen amount may exceed $10 million.

QWhich specific blockchains were impacted by the THORChain exploit mentioned in the article?

AThe attack impacted Bitcoin, Ethereum, BNB Chain, and Base simultaneously.

QWhat happened to the price of THORChain's native token (RUNE) following news of the security breach?

AFollowing news of the breach, THORChain's native token (RUNE) dropped close to 14%, sliding toward the $0.50 mark.

QAccording to the article, why is cross-chain infrastructure like THORChain's particularly vulnerable to attacks?

ACross-chain infrastructure is particularly vulnerable because bridges and routing systems require complex code, and complex code creates more opportunities for something to go wrong.

QWhat action had the THORChain team taken regarding the exploit at the time of the article's reporting?

AAt the time of the article's reporting, THORChain had not issued a public statement explaining the scope of the exploit or what steps were being taken to address it.

Lecturas Relacionadas

70% of the Public Opposes AI, Americans Hope the U.S. Loses the AI War

70% of Americans believe AI development is moving too fast, with growing public resistance evolving from online criticism to real-world protests and violence. This widespread anti-AI sentiment stems from fears of job losses, rising utility costs, environmental damage, threats to democracy, and financial instability. Key incidents illustrate the backlash: Google's former CEO Eric Schmidt was loudly booed at a graduation for promoting AI; AI company ads are vandalized; protests and even violent attacks target AI firms and data centers. Polls show deep public pessimism and strong local opposition to data center construction, often surpassing resistance to nuclear power plants. The core grievances are economic and practical: AI is seen as automating jobs, concentrating wealth, and increasing household electricity and water bills due to massive data center resource demands. Environmentalists also oppose AI's high energy use and carbon emissions. This opposition has turned AI into a major political issue in the US. While the Trump administration prioritizes AI innovation for global competition, bipartisan pushback is growing. Democrats and factions within the MAGA movement are forming temporary alliances to support stricter regulations and local bans on new data centers, pressuring the administration to choose between its tech industry backers and its voter base. The situation highlights a profound national divide over AI's future.

marsbitHace 11 min(s)

70% of the Public Opposes AI, Americans Hope the U.S. Loses the AI War

marsbitHace 11 min(s)

More Bitcoin Investors Slip Into Unrealized Losses Following Recent Selloff – Here Are The Numbers

Bitcoin's recent selloff, pushing prices toward $60,000, has led to a significant increase in investor unrealized losses. Data shows the percentage of Bitcoin supply held at a profit has fallen to about 55%, approaching a critical low. Market analysts describe this as a distribution phase, indicating a potential large-scale transfer of holdings. Despite massive accumulation by entities like MicroStrategy and ETFs, removing over 1.2 million BTC from circulation, strong selling pressure persists, keeping prices subdued and testing key market support levels.

bitcoinistHace 23 min(s)

More Bitcoin Investors Slip Into Unrealized Losses Following Recent Selloff – Here Are The Numbers

bitcoinistHace 23 min(s)

Crypto.com Launches Fully Funded OTC Options for Institutional Traders

Crypto.com Exchange has launched Fully Funded Over-the-Counter (OTC) Options for institutional clients, including foundations and VIP traders. This new service provides a private, off-orderbook venue to execute custom European-style vanilla options, addressing issues like slippage and information leakage common in public markets. Key features include customizable tenors of up to three months, 100% collateralization by sellers to mitigate liquidation risk, and physical settlement upon expiration. The offering is highlighted by USD options for covered call strategies, instant quoting via dedicated Telegram/Slack channels, a secure Sales Portal for booking, and automated settlement based on exchange index prices.

TheNewsCryptoHace 1 hora(s)

Crypto.com Launches Fully Funded OTC Options for Institutional Traders

TheNewsCryptoHace 1 hora(s)

Agents Take Over Traffic Distribution Power: What Are Tencent, ByteDance, and Alibaba Competing For?

In the race to dominate the AI era's entry point, China's tech giants—Tencent, ByteDance, and Alibaba—are aggressively deploying AI Agents to control the future of traffic distribution. Alibaba is pursuing a dual-track "closed loop + openness" strategy. Its Qianwen app is evolving into a super-Agent integrated across its ecosystem (Taobao, Alipay, etc.) to handle complex tasks like travel planning. Concurrently, it is opening its platform to external brands (Luckin Coffee, KFC) and has launched a B2B Agent platform, "Wukong," targeting enterprise automation. Its other flagship, Quark, aims to be an "AI super search box" for information and tasks. ByteDance is executing an omnipresent "sprawl strategy." Its Doubao app boasts over 300 million monthly active users and is evolving into a default AI entry point for daily life, with plans for paid versions and e-commerce integration. Its core weapon is the Kouzi platform, a visual "AI assembly factory" for developers to build custom Agents. ByteDance is also pushing hardware integration, collaborating on AI phones and developing smart glasses to embed Doubao everywhere. Tencent is playing its long-held "ultimate card" by quietly embedding an AI Agent directly into WeChat. This Agent, accessible via a swipe, can understand user commands and automatically execute tasks by calling upon WeChat's millions of mini-programs (e.g., finding and ordering coffee). This leverages WeChat's unparalleled 1.4-billion-user ecosystem to position the app as an AI-powered "service operating system," a move that could dramatically reshape the competitive landscape. The core battleground is shifting from competing for "user screen time" to competing to be the "default execution layer" for user intent. The business model is evolving from an "attention economy" to an "intent economy," where the Agent that can most efficiently fulfill a user's need gains control over service access and token flow. This represents a fundamental change in how users connect with digital services, making the fight for the Agent入口 (entry point) a pivotal moment for redefining industry leadership in the AI age.

marsbitHace 2 hora(s)

Agents Take Over Traffic Distribution Power: What Are Tencent, ByteDance, and Alibaba Competing For?

marsbitHace 2 hora(s)

Nasdaq Plummets 4% Overnight, $1.3 Trillion Evaporated, U.S. Stocks Suffer Triple Blow

A severe market correction hit US stocks on June 5th, with the Nasdaq plunging 4.18%, erasing $1.3 trillion in chip stock value. The sell-off was triggered by three simultaneous factors. First, Broadcom's earnings report, while showing strong AI chip revenue growth of 143%, provided a Q3 AI revenue forecast that fell short of the most optimistic analyst expectations, casting doubt on the 'infinite AI growth' narrative and sparking a sector-wide rout. Second, a much stronger-than-expected May jobs report (172k vs. 80k expected) significantly increased market bets on a potential Federal Reserve rate hike instead of a cut, putting pressure on high-valuation tech stocks. Third, persistent high oil prices due to the ongoing Iran war and Strait of Hormuz disruption continue to fuel inflation concerns, limiting the Fed's policy options. The combined effect attacked the core market pillars of boundless AI growth and expected monetary easing. While the暴跌 represents a significant valuation repricing, the underlying AI demand remains strong. The market's direction now hinges on the upcoming Fed meeting, further AI company guidance, and developments in the Iran conflict.

marsbitHace 2 hora(s)

Nasdaq Plummets 4% Overnight, $1.3 Trillion Evaporated, U.S. Stocks Suffer Triple Blow

marsbitHace 2 hora(s)

Trading

Spot
Futuros
活动图片