$10M Gone: Thorchain Exploit Triggers Security Fears Across DeFi

bitcoinistОпубликовано 2026-05-17Обновлено 2026-05-17

Введение

Blockchain tracker Arkham Intelligence has identified wallets linked to a THORChain exploit, holding approximately $3 million in Bitcoin and 216 ETH. On-chain investigator ZachXBT first reported the suspicious activity, estimating total losses now exceed $10 million. The attackers moved assets like USDT, USDC, and wrapped Bitcoin across multiple chains before converting to ETH. The cross-chain trading protocol was hit simultaneously on Bitcoin, Ethereum, BNB Chain, and Base. Security firm PeckShield confirmed the breach. Following the news, THORChain's native token RUNE dropped nearly 14%. The project's team had not issued a public statement at the time of reporting, increasing market anxiety. This incident highlights the recurring vulnerability of cross-chain infrastructure in DeFi, where complex code can create significant security risks. The stolen funds remain in the identified wallets for now.

Blockchain tracking firm Arkham Intelligence has labeled a set of suspicious wallets as “THORChain Exploiter” addresses, with one Bitcoin-linked wallet holding close to 36.85 BTC — worth roughly $3 million — and a separate Ethereum wallet carrying around 216 ETH. The funds are sitting there, visible on-chain, linked to two addresses that security researchers have already flagged publicly.

Who Found It First

The person who spotted the attack before anyone else did was on-chain investigator ZachXBT. He reported suspicious movement tied to THORChain’s router infrastructure, describing how attackers shifted roughly $7.2 million in assets — including USDT, USDC, and wrapped Bitcoin — across several blockchains before converting them into ETH.

His initial estimate of losses above $7.4 million was later revised upward. The total stolen, according to ZachXBT, may now exceed $10 million.

THORChain is a cross-chain trading protocol that lets users swap crypto assets across different blockchains without relying on a centralized exchange. That design also means its infrastructure touches multiple networks at once — and in this case, that became a vulnerability. The attack hit Bitcoin, Ethereum, BNB Chain, and Base simultaneously.

Security firm PeckShield independently confirmed the breach. Based on their estimates, attackers walked away with around 36.75 BTC worth close to $3 million, along with roughly $7 million more pulled from the Ethereum, BNB Chain, and Base ecosystems.

BTCUSD now trading at $77,926. Chart: TradingView

Markets React, Team Goes Quiet

RUNE, THORChain’s native token, dropped close to 14% in the hours following news of the breach, sliding toward the $0.50 mark as traders moved to cut their exposure. The price drop was fast. The official response was not.

As of reporting, THORChain had not issued a public statement explaining the scope of the exploit or what steps were being taken to address it.

That silence has added to the anxiety in the market. The protocol survived earlier security incidents by tapping into treasury reserves and recovery mechanisms, but without clarity from the team, it is difficult to know whether a similar path is possible this time.

A Pattern That Keeps Repeating

Cross-chain infrastructure has repeatedly been the site of major losses in decentralized finance. Bridges and routing systems that connect different blockchains require complex code — and complex code creates more opportunities for something to go wrong. The THORChain attack fits that pattern.

The stolen assets remain in the flagged wallets for now. Whether they stay there is another question.

Featured image from Unsplash, chart from TradingView

Связанные с этим вопросы

QHow much was stolen in the THORChain exploit according to the latest estimate by on-chain investigator ZachXBT?

AAccording to the latest estimate by on-chain investigator ZachXBT, the total stolen amount may exceed $10 million.

QWhich specific blockchains were impacted by the THORChain exploit mentioned in the article?

AThe attack impacted Bitcoin, Ethereum, BNB Chain, and Base simultaneously.

QWhat happened to the price of THORChain's native token (RUNE) following news of the security breach?

AFollowing news of the breach, THORChain's native token (RUNE) dropped close to 14%, sliding toward the $0.50 mark.

QAccording to the article, why is cross-chain infrastructure like THORChain's particularly vulnerable to attacks?

ACross-chain infrastructure is particularly vulnerable because bridges and routing systems require complex code, and complex code creates more opportunities for something to go wrong.

QWhat action had the THORChain team taken regarding the exploit at the time of the article's reporting?

AAt the time of the article's reporting, THORChain had not issued a public statement explaining the scope of the exploit or what steps were being taken to address it.

Похожее

Near Returns to the AI Stage: Transformation into a Public Chain Due to 'Payroll Difficulties,' Agent and Privacy Emerge as New Growth Narratives

NEAR Returns to AI Origins: From Payroll Struggles to Blockchain, Now Focusing on AI Agents and Privacy NEAR Protocol's journey began not with grand blockchain ambitions, but from a practical hurdle: its AI startup founders, including Transformer paper co-author Illia Polosukhin, couldn't efficiently pay international developers in 2017. This led them to pivot and build a high-performance, scalable blockchain. After years navigating various crypto narratives like sharding and cross-chain interoperability, NEAR is now leveraging its AI roots to re-enter the AI arena. A key driver is its "NEAR Intents" layer, which abstracts complex cross-chain transactions. Users simply state their goal (e.g., swap BTC for ETH), and a solver network finds the optimal route. This system has processed over $20B in cross-chain volume, generating significant fee revenue. A major growth area is private transactions via "Confidential Intents/Swaps," which hide trade details until settlement to protect against MEV and front-running. Remarkably, private swaps recently accounted for over 40% of NEAR's transaction volume, highlighting strong demand but also potential regulatory scrutiny. With its AI-founder pedigree, NEAR is positioning itself at the intersection of blockchain, AI agents, and privacy, aiming to become infrastructure for the emerging agent economy while navigating the challenges of its rapid adoption.

marsbit31 мин. назад

Near Returns to the AI Stage: Transformation into a Public Chain Due to 'Payroll Difficulties,' Agent and Privacy Emerge as New Growth Narratives

marsbit31 мин. назад

From Ethereum to AI's 'CROPS': What Exactly is This Set of 'Slow Variables' That Vitalik Repeatedly Emphasizes?

In recent discussions, Vitalik Buterin has frequently emphasized the concept of "CROPS," a framework defining core values for Ethereum's development. CROPS stands for Censorship Resistance, Capture Resistance, Open Source, Privacy, and Security. Initially outlined in the Ethereum Foundation's "EF Mandate," it represents a commitment to user sovereignty, ensuring that the network resists external control, remains open, protects privacy, and prioritizes security. The relevance of CROPS extends beyond Ethereum's foundational principles, becoming crucial in the context of AI integration. As AI agents begin handling wallet operations and automated transactions, the risk increases that users may cede control over their digital assets, privacy, and intentions to centralized AI service providers. A "CROPS AI" would therefore emphasize local execution where possible, privacy-preserving remote model calls (e.g., using zero-knowledge proofs), and transparent, verifiable processes to maintain user agency. Vitalik highlights a significant convergence between "CROPS Ethereum access layer" and "CROPS AI." Both address the same fundamental challenge: how users can access powerful services—be it blockchain data via RPCs or AI models—without exposing sensitive information or relinquishing ultimate control. This intersection points toward a future digital entry point that is more private, secure, and user-controlled. Ultimately, CROPS is not merely an abstract ideal but a practical guidepost. It steers development—from protocol resilience and wallet design to AI agent safety—towards a future where users retain self-sovereignty even as digital systems grow more complex and powerful. In an era of accelerating AI adoption, these "slow variables" of censorship resistance, openness, privacy, and security may define Ethereum's enduring value.

marsbit41 мин. назад

From Ethereum to AI's 'CROPS': What Exactly is This Set of 'Slow Variables' That Vitalik Repeatedly Emphasizes?

marsbit41 мин. назад

Zcash Bug Could Have Minted Unlimited ZEC Undetected

A critical vulnerability in Zcash's Orchard shielded pool, discovered by researcher Taylor Hornby on May 29, 2026, could have allowed an attacker to create an unlimited amount of undetectable counterfeit ZEC. The flaw, involving an under-constrained element in the Orchard circuit, existed from the pool's 2022 activation until an emergency fix was deployed by June 2, 2026. Hornby identified the bug using AI-assisted auditing tools and confirmed its exploitability in a test environment. Due to Orchard's privacy features, which hide transaction amounts and history, there is no cryptographic way to prove whether the vulnerability was exploited before the fix. While Shielded Labs assesses prior exploitation as unlikely, this uncertainty has sparked a debate on proving supply integrity in privacy-preserving systems. In response, Shielded Labs and other developers are exploring a network upgrade, potentially involving a new shielded pool and formal verification of the circuit rules to prevent future vulnerabilities and allow verification of the ZEC supply's integrity. ZEC's price fell nearly 45% following the disclosure.

bitcoinist50 мин. назад

Zcash Bug Could Have Minted Unlimited ZEC Undetected

bitcoinist50 мин. назад

Silicon Valley 'Startup Guru' Steve Hoffman: Web3 + AI Could Be a Trap

Silicon Valley investor and "Godfather of Startups" Steve Hoffman warns that combining Web3 with AI is likely a trap, not a promising venture. In an interview, Hoffman argues that while AI is a foundational technology touching all industries, Web3 adds complexity, friction, and regulatory risk without solving mainstream consumer or business needs. He advises founders to focus on deep, specialized applications where startups can out-iterate giants, rather than on generic features easily replicated by large tech companies. Hoffman observes that Silicon Valley will lead foundational AI research, while China excels at rapid, large-scale application and commercialization, particularly in robotics. He stresses that AI-driven autonomous agents capable of collaborative, multi-step tasks are 2-4 years away, which will cause significant job displacement. The solution is not to slow AI but to redesign business models around human-AI collaboration and reform social systems like education and retraining. For startups, Hoffman recommends focusing on vertical, expertise-heavy domains to build defensibility. He sees major opportunities in AI fraud detection and cybersecurity. Key founder mindsets include systemic thinking over feature-focus, relentless customer centricity, building adaptive teams, and deeply understanding AI's capabilities and limits. Hoffman is also leading a non-profit initiative to establish university centers aimed at training future leaders in responsible, human-value-aligned AI innovation.

marsbit2 ч. назад

Silicon Valley 'Startup Guru' Steve Hoffman: Web3 + AI Could Be a Trap

marsbit2 ч. назад

Token Inefficient, Economy Tokenless

The article "Tokens Aren't Economical, Economics Aren't Tokenized" analyzes a pivotal shift in the AI industry from a technology-driven narrative to one dominated by capital efficiency. It highlights two concurrent trends: a severe capital shortage due to the exorbitant and recurring costs of compute (e.g., OpenAI's high burn rate) and a wave of corporate spin-offs where major tech companies are separating their AI units (like Kuaishou's Kling and Baidu's Kunlunxin). The core argument is that AI's "anti-internet" business model, where user growth increases costs rather than profits, has created a disconnect between high valuations and actual cash flow. Spin-offs address this by allowing AI assets to be valued independently. Within a parent company, they are seen as cost centers, but as standalone entities, they are priced based on their growth potential and scarcity in the primary market, leading to massive valuation premiums (e.g., Kling's estimated value tripling post-spin-off). The industry is at an inflection point, moving from "model worship" to "value realization." The competition is evolving from a pure compute (GPU) race to a broader focus on systemic efficiency and full-stack engineering (involving CPUs and orchestration) to achieve viable commercialization. The year 2026 is framed as a critical moment where the industry must definitively answer how to economically translate AI capability into tangible business value, reshaping the sector's future power structure.

marsbit2 ч. назад

Token Inefficient, Economy Tokenless

marsbit2 ч. назад

Торговля

Спот
Фьючерсы
活动图片

Популярные категорииright-arrow

Популярные тегиright-arrow