Thorchain Experiences $8 Million Exploit and Pseudo Whitehat Exposes Code Vulnerabilities

The third attack in one month causes panic on Thorchain and drops the $RUNE price.

By
Kyle Heise
on
July 22, 2021
Category:
Blockchain News

RUINED

And $8Million worth of crypto is gone like that. The Thorchain platform token has fallen victim to another exploit, and this time it could have been much worse. 

The hacker only exploited a portion of funds and used the hack to set an example.Users were not happy looking at the immediate comments on social media. 

Alerts for the hack began just before 00:00 UTC, 23 July. The $RUNE token saw a 30x volume increase in just 5 minutes. This increase in volume was a massive influx of sellers resulting in a ~15% correction.

Some are saying that the hacker deserves the requested bug bounty for the perceived generosity. Ultimately, the message left by the hacker opens the door for wider criticism.

“Could have taken ETH, BTC, LYC, BNB, and BEP20… wanted to teach lesson minimizing damage,” said the message left by the hacker. The message further implied a weak code with many vulnerabilities by concluding, “do not rush code that controls 9 figures.”
Source

It appears the attacker exploited the ETH router to drain a significant amount of ERC20 tokens from TCLPs. An Initial Post Mortem was found in their Telegram. More details will emerge and the Thorchain community will certainly clamor for answers.

Source

Three Attacks in One Month

Three hacks in just under a month is a hard pill for many users to swallow. The chain was victim to a $5million hack just a few days ago but reassured its community by recovering the stolen amount. 

Some on social media are reacting with increased suspicion this time around considering it appears that Thorchain may have been aware of the vulnerabilities prior to the latest attack. 

Source

The hacker has requested a 10% bounty match and ThorChain has confirmed via Twitter they will meet the bounty hunter’s demands. Thorchain also acknowledged that their treasury has the funds to recover the exploit. 

The ThorChain community is right to want answers following this hack. The hacker seemingly could have stolen a much larger amount from the protocol. 

Users will always need to double-check past behavior as a gauge for investment. The times are tough for the ThorChain community. 


What is ThorChain:

THORChain is a decentralized cross-chain liquidity network that provides seamless token swaps without the use of wrapped assets and pegged tokens. RUNE is the native utility token of THORChain. The token is base currency for the entire THORChain ecosystem. The platform allows governance and security as part of THORChain's Sybil resistance mechanisms. 

Where to find ThorChain: Website | Telegram | Twitter | GitLab |

Tags:
Kyle Heise

Born and raised in the East Bay of California. He has studied and worked on three continents and lived in eight countries. Kyle resides in San Francisco. He holds bags mostly in Ethererum, Cake, and BSC GameFi projects.

Text Link

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.