$10M Gone: Thorchain Exploit Triggers Security Fears Across DeFi

bitcoinistPublicado a 2026-05-17Actualizado a 2026-05-17

Resumen

Blockchain tracker Arkham Intelligence has identified wallets linked to a THORChain exploit, holding approximately $3 million in Bitcoin and 216 ETH. On-chain investigator ZachXBT first reported the suspicious activity, estimating total losses now exceed $10 million. The attackers moved assets like USDT, USDC, and wrapped Bitcoin across multiple chains before converting to ETH. The cross-chain trading protocol was hit simultaneously on Bitcoin, Ethereum, BNB Chain, and Base. Security firm PeckShield confirmed the breach. Following the news, THORChain's native token RUNE dropped nearly 14%. The project's team had not issued a public statement at the time of reporting, increasing market anxiety. This incident highlights the recurring vulnerability of cross-chain infrastructure in DeFi, where complex code can create significant security risks. The stolen funds remain in the identified wallets for now.

Blockchain tracking firm Arkham Intelligence has labeled a set of suspicious wallets as “THORChain Exploiter” addresses, with one Bitcoin-linked wallet holding close to 36.85 BTC — worth roughly $3 million — and a separate Ethereum wallet carrying around 216 ETH. The funds are sitting there, visible on-chain, linked to two addresses that security researchers have already flagged publicly.

Who Found It First

The person who spotted the attack before anyone else did was on-chain investigator ZachXBT. He reported suspicious movement tied to THORChain’s router infrastructure, describing how attackers shifted roughly $7.2 million in assets — including USDT, USDC, and wrapped Bitcoin — across several blockchains before converting them into ETH.

His initial estimate of losses above $7.4 million was later revised upward. The total stolen, according to ZachXBT, may now exceed $10 million.

THORChain is a cross-chain trading protocol that lets users swap crypto assets across different blockchains without relying on a centralized exchange. That design also means its infrastructure touches multiple networks at once — and in this case, that became a vulnerability. The attack hit Bitcoin, Ethereum, BNB Chain, and Base simultaneously.

Security firm PeckShield independently confirmed the breach. Based on their estimates, attackers walked away with around 36.75 BTC worth close to $3 million, along with roughly $7 million more pulled from the Ethereum, BNB Chain, and Base ecosystems.

BTCUSD now trading at $77,926. Chart: TradingView

Markets React, Team Goes Quiet

RUNE, THORChain’s native token, dropped close to 14% in the hours following news of the breach, sliding toward the $0.50 mark as traders moved to cut their exposure. The price drop was fast. The official response was not.

As of reporting, THORChain had not issued a public statement explaining the scope of the exploit or what steps were being taken to address it.

That silence has added to the anxiety in the market. The protocol survived earlier security incidents by tapping into treasury reserves and recovery mechanisms, but without clarity from the team, it is difficult to know whether a similar path is possible this time.

A Pattern That Keeps Repeating

Cross-chain infrastructure has repeatedly been the site of major losses in decentralized finance. Bridges and routing systems that connect different blockchains require complex code — and complex code creates more opportunities for something to go wrong. The THORChain attack fits that pattern.

The stolen assets remain in the flagged wallets for now. Whether they stay there is another question.

Featured image from Unsplash, chart from TradingView

Preguntas relacionadas

QHow much was stolen in the THORChain exploit according to the latest estimate by on-chain investigator ZachXBT?

AAccording to the latest estimate by on-chain investigator ZachXBT, the total stolen amount may exceed $10 million.

QWhich specific blockchains were impacted by the THORChain exploit mentioned in the article?

AThe attack impacted Bitcoin, Ethereum, BNB Chain, and Base simultaneously.

QWhat happened to the price of THORChain's native token (RUNE) following news of the security breach?

AFollowing news of the breach, THORChain's native token (RUNE) dropped close to 14%, sliding toward the $0.50 mark.

QAccording to the article, why is cross-chain infrastructure like THORChain's particularly vulnerable to attacks?

ACross-chain infrastructure is particularly vulnerable because bridges and routing systems require complex code, and complex code creates more opportunities for something to go wrong.

QWhat action had the THORChain team taken regarding the exploit at the time of the article's reporting?

AAt the time of the article's reporting, THORChain had not issued a public statement explaining the scope of the exploit or what steps were being taken to address it.

Lecturas Relacionadas

MY Group Completes Web4.0 First Stock Listing Layout, SEC Officially Discloses Form 8-K Announcement

MY Group has completed the listing layout for the "Web4.0 First Share," with the U.S. Securities and Exchange Commission (SEC) formally disclosing a Form 8-K report. According to the filing, the company's board has officially appointed Mr. Zhang Dingwen as Chief Executive Officer (CEO) and Executive Director, marking a significant upgrade in management and the entry into a new phase of its global capital market strategy. The disclosure of Form 8-K, used for reporting major corporate events, coincides with market information indicating the company is advancing several key capital market initiatives. These include a global brand system upgrade, corporate strategic restructuring, and a change of its stock ticker symbol. These moves are viewed by industry experts as signals of accelerated internationalization and enhanced global market presence. Concurrently, MY Group's proposed "Web4.0 Ecosystem" is garnering market attention. The company is integrating core capabilities across social traffic portals, global payment systems, public blockchain infrastructure, digital asset trading, and AI-powered financial systems. Analysts suggest that by closing this ecosystem loop, MY Group has the potential to become a next-generation platform merging Web2 user scale with Web3 asset frameworks and AI financial capabilities. With the management upgrade finalized, the global brand strategy launched, and the stock ticker change pending, MY Group is positioning itself as a focal point in the global technology capital market as a potential leading Web4.0 platform enterprise.

marsbitHace 3 hora(s)

MY Group Completes Web4.0 First Stock Listing Layout, SEC Officially Discloses Form 8-K Announcement

marsbitHace 3 hora(s)

Analyst Who Predict Bitcoin Top And Bottom Reveals When Price Will Start To Rise Again

An analyst known for accurately calling Bitcoin's previous top and bottom warns of a prolonged bearish phase. Following a rebound above $82,000 and a subsequent rejection, Bitcoin is seen forming a "bull trap" within a broader bearish structure. The analyst, Kabuki, projects a steady decline to around $61,000, then $47,000, followed by a temporary bounce to $55,000 before a final crash to approximately $41,000 by June 2026. This level is marked as the potential cycle bottom, after which prices could begin to rise again. Another expert echoes the bull trap warning, suggesting a sharp correction to $51,000 could start soon. Bitcoin was trading near $78,474 at the time of the report.

bitcoinistHace 4 hora(s)

Analyst Who Predict Bitcoin Top And Bottom Reveals When Price Will Start To Rise Again

bitcoinistHace 4 hora(s)

3 People with 100 AI Programmers, Burning Through $1.3 Million a Month! OpenAI: I'll Foot the Bill

In a striking demonstration of AI-powered development, Peter Steinberger (creator of OpenClaw) shared that his three-person team spent $1.3 million in one month to run approximately 100 AI agents (primarily Codex instances). OpenAI covered the cost. The expenditure consumed 6.03 trillion tokens across 7.6 million requests. Steinberger argues that, with "fast mode" disabled, the cost falls below that of a single engineer while providing significantly greater output. This "cloud programmer army" handles core but tedious software engineering tasks: reviewing pull requests, finding security vulnerabilities, deduplicating issues, fixing bugs, monitoring benchmarks, and even generating PRs after meetings. This shifts AI's role from merely writing code to maintaining the entire collaborative fabric of a project. Steinberger's tool, CodexBar (a macOS menu bar app), tracks usage and costs across various AI coding services, highlighting how token consumption is becoming a key metric—a new "means of production." The experiment poses a profound question: if token cost ceases to be a barrier, how will software development transform? As model prices fall, the capability for small teams to leverage large numbers of AI agents could become commonplace, fundamentally altering the scale and speed of development. The future, Steinberger suggests, is arriving rapidly.

marsbitHace 5 hora(s)

3 People with 100 AI Programmers, Burning Through $1.3 Million a Month! OpenAI: I'll Foot the Bill

marsbitHace 5 hora(s)

In the AI Era, How to Onboard Without Starting from Scratch

In the AI era, onboarding new employees often resembles a botched relay race baton handoff, where the organization maintains speed while the newcomer starts from zero. The author, after joining Ramp, argues the core problem is a lack of accessible, shared organizational "context"—the collective knowledge from meetings, documents, Slack discussions, and decisions. Instead of relying on slow, manual onboarding or isolated AI tools, the solution is building a continuously updated "company brain." This system acts as a central, AI-native knowledge base that absorbs all company signals. The author describes building a prototype using an Obsidian vault powered by Claude, fed by automated meeting transcripts and notes, and topped with reusable agent "skills." The current enterprise AI approach, deploying specific workflow agents, is likened to the "chatbot era"—useful but disconnected. The real gap is the absence of a shared brain that all agents and employees can access from day one. The future lies in making context layer infrastructure the priority: write context first, then install tools; record every meeting; build the wiki before the dashboard. When new hires, AI agents, and even customers can immediately access this living company brain, the costly "ramp-up" period becomes obsolete. True organizational speed is achieved when maximum velocity and seamless context transfer happen simultaneously.

marsbitHace 5 hora(s)

In the AI Era, How to Onboard Without Starting from Scratch

marsbitHace 5 hora(s)

Bitcoin Treasury Firm Strategy To Repurchase $1.5B Of Convertible Notes — Details

Bitcoin treasury firm Strategy (formerly MicroStrategy) plans to repurchase approximately $1.5 billion of its convertible notes due in 2029 for an estimated $1.38 billion. According to a filing with the SEC, the company will fund the buyback using cash reserves, proceeds from securities sales, and/or potential sales of Bitcoin. This move, authorized by Chairman Michael Saylor, follows recent comments from CEO Phong Le about possible scenarios for selling Bitcoin to enhance shareholder value. The repurchase could positively impact equity holders by preventing future stock dilution. The news follows a record $1.53 billion trading volume for Strategy's preferred stock (STRC), a key instrument for its Bitcoin acquisitions. The firm remains the largest corporate Bitcoin holder with 818,869 BTC.

bitcoinistHace 6 hora(s)

Bitcoin Treasury Firm Strategy To Repurchase $1.5B Of Convertible Notes — Details

bitcoinistHace 6 hora(s)

Trading

Spot
Futuros
活动图片