The protocol's team has not yet released technical details about the nature of the alleged vulnerability or confirmed
Compiled by KHAO Editorial — aggregated from 4 sources. See llms.txt for citation guidance.
✓ KHAO Verified
The suspected exploit occurred during a period of elevated activity on THORChain.
Key facts
- Has been exploited for ~$10M worth of crypto, including 36.75 $BTC ($3M) and ~$7M worth of assets
- The protocol suspended its ThorFi lending operations in January 2025 amid insolvency allegations, implementing a 90-day restructuring to address $200 million in defaulted obligations
- Last September, THORSwap issued a bounty after hackers drained $1.2 million from THORChain founder John-Paul Thorbjornsen's personal wallet, with ZachXBT later attributing the attack to North Korean
- THORChain halted trading operations Friday morning after blockchain security researchers identified a suspected exploit allegedly affecting more than $10 million across multiple blockchain networks
Summary
THORChain suspended all trading after security researchers flagged a suspected multi-chain exploit allegedly affecting Bitcoin, Ethereum, BNB Smart Chain, and Base networks. Blockchain researcher ZachXBT and security firm PeckShield identified two suspected theft addresses linked to alleged losses exceeding $10 million. THORChain halted trading operations Friday morning after blockchain security researchers identified a suspected exploit allegedly affecting more than $10 million across multiple blockchain networks. Blockchain researcher ZachXBT and security firm PeckShield traced the suspected breach to two main addresses—one on Bitcoin and another on EVM-compatible chains including Ethereum, BNB Smart Chain, and Base. Has been exploited for ~$10M worth of crypto, including 36.75 $BTC ($3M) and ~$7M worth of assets from, and.