Disclaimer: The opinions expressed by our writers are their own and do not represent the views of U.Today. The financial and market information provided on U.Today is intended for informational purposes only. U.Today is not liable for any financial losses incurred while trading cryptocurrencies. Conduct your own research by contacting financial experts before making any investment decisions. We believe that all content is accurate as of the date of publication, but certain offers mentioned may no longer be available.
Cross-chain DeFi protocol THORChain has suspended trading, following what appears to be a significant multi-chain exploit that may have depleted over $10 million in cryptocurrency assets. Suspicious withdrawals involving Bitcoin, Ethereum, BNB Chain, and Base-linked assets have been reported by security researchers and on-chain investigators such as PeckShield.
Early tracking data indicates that the attackers allegedly took about 36.75 BTC, or about $3 million, along with an additional $7 million in assets that were bridged across several chains. Both Bitcoin and Ethereum-compatible networks’ publicly known wallet addresses were linked to the stolen funds.
Following the incident, THORChain stopped trading, probably to avoid further liquidity drains or cascading exploits across linked pools. Because THORChain serves as essential infrastructure for decentralized cross-chain swaps, disruptions may affect all of the ecosystems, wallets, aggregators, and liquidity suppliers.
DeFi security is in trouble
DeFi security is already experiencing hardship. Exploits, bridge attacks, governance breaches, and wallet-draining malware campaigns have plagued the industry in recent months. When a foundational liquidity layer fails, interconnected DeFi systems can quickly spread contagion, as demonstrated by recent attacks on major protocols.
Because cross-chain protocols integrate complicated smart contracts, multiple consensus systems, bridge infrastructure, and liquidity management into a single environment, security experts have frequently cautioned that they continue to be one of the most hazardous attack surfaces in cryptocurrency.
Additionally, when protocols lack hardened security layers, academic research has demonstrated how DeFi composability, flash loans, and transaction ordering vulnerabilities create highly exploitable conditions.
Guidelines for users
Until an official post-mortem and security assessment are made public, anyone with assets linked to THORChain-integrated wallets, routers, or liquidity pools should refrain from using the protocol. Revoke unnecessary wallet approvals, keep a close eye on official THORChain channels, and stay away from phishing links that take advantage of the incident’s panic.
Decentralization does not completely remove risk, despite common beliefs the market had a few years ago. DeFi continues to function in a setting where a single vulnerability could instantly freeze billions of dollars in liquidity.
Dan Burgin
U.Today Editorial Team
