Popular DeFi protocol Thorchain (RUNE) has suffered from a devastating attack on its Ethereum (ETH) router, an element of its smart contracts architecture.
Thorchain (RUNE) falls victim to $8 million attack; LP funds are safe
According to the official statement the Thorchain (RUNE) team shared on its Twitter account, a sophisticated attack was organized against its protocol.
THORChain has suffered a sophisticated attack on the ETH Router, around $8m. The hacker deliberately limited their impact, seemingly a whitehat.— THORChain (@THORChain) July 23, 2021
ETH will be halted until it can be peer-reviewed with audit partners, as a priority.
LPs in the ERC-20 pools will be subsidised.
As its Ethereum (ETH) router was the main target, all ETH-oriented mechanisms are currently frozen until the results of a peer review are ready. The net amount of losses is estimated at about $8 million in actual prices.
Meanwhile, the team assures everyone that no liquidity provider has suffered a fund loss since the project's treasury shoulders the burden.
Right now, the smart contract ecosystem of Thorchain’s routers is being audited by top-notch cybersecurity vendor Peckshield.
The most interesting part of the hack is the attackers' behavior. In their message shared in the transaction's hash, the hackers stressed that they have minimized the damage as they were focused on "teaching lessons." A 10 percent bounty would be sufficient to prevent the hack, they claim, outlining the paramount importance of proper security audits.
The Thorchain (RUNE) team confirmed that the outcome would have been worse if the malefactors had drained all funds accessible to them. At the same time, the team emphasizes that the project has offered a 10 percent bounty for three months in a row.
Thorchain (RUNE) engineers are going to keep the network chain halted and review all mechanisms both internally and externally.