THORChain (RUNE)

$0.4396  -15.36%  24H

X Posts

  • Vadim (AI, ⋈) OnChain_Analyst Security_Expert S
     12.47K  @zacodil

    Thorchain has been hacked six times in five years, and not once the same way. Each one through a different layer of the architecture.
    2021 - Smart contract bug in the ETH Router. Attackers tricked Bifrost into reading manipulated msg.value events. ~$15.5M across three exploits.
    2022 - Validator software bug. Non-deterministic behavior across nodes triggered a 20-hour outage.
    2023 - TSS keygen vulnerability. Devs admitted a malicious validator could have drained vaults during a prior key generation. Network halted preemptively.
    2025 (Jan) - Economic design failure. THORFi's lending model required RUNE to keep outperforming BTC/ETH. It didn't. $200M trapped.
    2025 (Sep) - Social engineering. DPRK ran a Telegram deepfake on co-founder JP, extracted his MetaMask keys from iCloud Keychain. $1.35M lost.
    2026 - TSS cryptography flaw. A malicious validator exploited the GG20 implementation, leaked key material across signing sessions, reconstructed the vault key. $10.7M drained.
    Plus: ~$605M of Bybit/Lazarus stolen funds laundered through in 2025. Validators voted to block, reversed under "code is law" pressure.
    Six distinct vectors: smart contract code, validator software, TSS keygen, economic design, social engineering, TSS cryptography. ~$227M directly lost or trapped. The architecture keeps finding new ways to fail.

     Extremely Bearish
    THORChain: six attacks in five years, losses over $227M, architectural vulnerabilities persist.
  • 蓝狐 OnChain_Analyst Security_Expert B
     73.19K  @lanhubiji

    Cross‑chain bridge/protocol attacks are often similar; fundamentally they exploit structural weaknesses in the cross‑chain mechanism. Cross‑chain protocols lock or hold large amounts of native assets (or liquidity), creating a "honey pot". This time THORChain affected multiple chains—BTC, ETH, BSC, and Base—because funds are distributed across chains while the verification/routing logic is unified.
    Historically, the attack vectors against cross‑chain bridges/protocols include:
    1. Wormhole 2022 incident where $320 million was stolen, involving a signature verification bug, constituting a signature/verification bypass.
    2. Nomad 2022 incident where $190 million was stolen: a misconfiguration allowed arbitrary messages to pass, representing a contract logic error.
    3. Ronin 2022 incident where $250 million was stolen: 5 out of 9 keys were compromised, a multi‑signature/key breach.
    THORChain this time extracted funds via the Router contract and Vaults, similar to the "burn‑mint" or swap logic vulnerabilities of many liquidity bridges, constituting a Router/Vault/bridge component flaw. Between 2022 and 2026, bridge/cross‑chain related losses exceeded $2.8 billion, accounting for a large share of total DeFi hacking losses, and just last month the Kelp incident (LayerZero bridge, $290 million) occurred.
    Why do cross‑chain bridges/protocols keep encountering issues? Cross‑chain fundamentally connects chains with different security models, introducing additional complexity and trust assumptions, resulting in a larger attack surface than single‑chain DeFi: It involves multi‑chain smart contracts plus off‑chain components (validators, relayers, oracles). The security of a single chain does not equal overall security. If any part of the bridge code, message passing, or verification logic fails, the entire system can collapse.
    Some bridges/protocols also have imperfect trust models, such as reliance on multi‑sig/few validators (low threshold, easy to compromise); complex message verification (leading to fake deposit events, signature forgery, replay attacks); and upgrade/configuration risks (upgradeable contracts or parameter errors are often exploited).

    蓝狐 OnChain_Analyst Security_Expert B
     73.19K  @lanhubiji

    THORChain was hacked, resulting in losses of assets worth over $10 million, according to ZachXBT and on‑chain tracking: The affected chains include BTC, ETH, BNB, and Base – four chains in total. The assets involved are approximately 36.85 BTC (valued at about $2.97 million); about 3,443 ETH (valued at about $7.77 million); and a small amount of BNB. The hacker primarily siphoned funds via THORChain's Vaults (treasuries) and Router contract, then transferred/exchanged them across chains. Current developments are: The THORChain team has urgently halted all trades and signing operations (to prevent further loss); the RUNE token price dropped more than 10% in the short term. This is a typical cross‑chain bridge/liquidity protocol security incident, representing a common DeFi risk.

     Bearish
    THORChain suffered a hacker attack resulting in losses exceeding ten million dollars, with the RUNE token falling, highlighting the security risks of cross‑chain bridges.
  • Cryptosailor Dev Researcher B
     2.21K  @robertdavid010
    Chainalysis D
     63.16K  @chainalysis

    Before stealing $9.8M from #THORChain, likely attacker-connected wallets spent weeks moving its own funds through Monero, Hyperliquid, and THORChain. On-chain activity ties them to the wallet that would later receive millions of stolen funds. It started with Monero. 1/5

     Bearish
    $9.8M was stolen from THORChain, with the attacker first laundering through Monero and Hyperliquid.
  • GaoGao FA_Analyst Educator B
     2.27K  @gaogaocrypto

    Hack Season ? THORChain had to suspend trading activities after security researchers (ZachXBT and PeckShield) discovered a multi-chain exploit affecting the Bitcoin, Ethereum, BNB Smart Chain, and Base networks. The estimated loss is around $10.7M. Thorchain has confirmed the issue but has not released any notice about individual users being affected. Following this news, the $RUNE token price dropped about 17% within the past 24 hours. If you haven't forgotten, this is not the first time THORChain has experienced this situation. Previously there were two incidents: a debt crisis in January 2025, followed by a hack of the founder's personal wallet in September 2025. It is unclear whether this is a “Hack season” or something else hard to describe about multi-chain projects.

    The Block D
     579.89K  @TheBlockCo

    BREAKING: THORCHAIN APPEARS TO HAVE BEEN EXPLOITED ACROSS BITCOIN, ETHEREUM, BSC AND BASE FOR MORE THAN $7.4 MILLION — ZACHXBT https://t.co/3S1RzXYZuK

     Extremely Bearish
    THORChain suffered a multi-chain attack, RUNE plunged 17% and trading was halted.
  • Vladimir S. | Officer's Notes Security_Expert Researcher S
     51.22K  @officer_secret

    It looks like Thorchain was likely exploited on Bitcoin, Ethereum, BSC, Base for $10M+ Theft address: bc1ql4u94klk265lnfur2ujk9p6uh52f2a8jhf6f37 0x82fc0d5150f3548027e971ec04c065f3c93154eb Initially spotted by @zachxbt ! According to @banteg, it’s related to this patch: https://t.co/6MLEITlPh2 as validators signed too little data, so a proposer could change how THORChain interpreted an observation without invalidating the signatures.

    Vladimir S. | Officer's Notes Security_Expert Researcher S
     51.22K  @officer_secret

    Data by @arkham ⬇️ https://t.co/IDMAizz2zc

    Vladimir S. | Officer's Notes Security_Expert Researcher S
     51.22K  @officer_secret

    @arkham Official statement ⬇️

    Vladimir S. | Officer's Notes Security_Expert Researcher S
     51.22K  @officer_secret

    @arkham Another explanation ⬇️

    Vladimir S. | Officer's Notes Security_Expert Researcher S
     51.22K  @officer_secret

    @arkham More information ⬇️

     Extremely Bearish
    THORChain platform suffered a theft of over $10 million across BTC, ETH, BSC, and Base networks.
  • Vini B |「 thecoding 」 Security_Expert OnChain_Analyst B
     11.38K  @vinibarbosabr

    THORChain had ~$10M drained from one of its vaults Let's take a look at what happened, the exploit, and the interesting timeline of another vault churn/migration security issue discussed in @THORChain's gitlab that I discovered earlier today and posted below THORChain is one of the most used decentralized cross-chain networks, which makes these events super relevant to the entire ecosystem! According to @theoblivionsage's analysis, the attacker was able to get `_vaultAllowance` over a THORChain vault during what looked like a legit ERC20 vault migration Allowance was given via an Ethereum transaction calling the `transferAllowance()` function, allowing the attacker to sign outbound transactions from this THORChain vault they now control Think of it like a company that has a bank account this account has a password that allows to move the money out of the account, according to the company's needs the password is owned by one manager at a time, but it might change hands from time to time for security reas

     Bearish
    RUNE suffered an approximate $10 million theft, indicating significant security risk
  • Vadim (AI, ⋈) OnChain_Analyst Security_Expert S
     12.47K  @zacodil

    Thorchain didn't lose $10.7M to a smart contract bug or a stolen key. The bug was in the cryptography itself - and Thorchain probably isn't the only chain running on it. A single attacker bonded RUNE and joined the validator set days before the incident, looking like any legitimate operator. From inside, they exploited what investigators currently believe was a flaw in GG20, the threshold signature library Thorchain uses to co-sign transactions. Each signing session leaked a fragment of private key material to the attacker's node. After enough sessions, they had collected enough leaked data to mathematically reconstruct the vault's full private key. Then they signed unauthorized outbound transactions as the vault. The smart contracts behaved correctly. No validator infrastructure was breached. Funds left through normal channels because the signatures were mathematically valid - just produced by an attacker who had silently rebuilt the key. Here's why this matters beyond Thorchain. GG20 was published in 2020 (Gennaro-Goldfeder). The Alpha-Rays attack (Verichains, 2023) and TSSHOCK at BlackHat 2023 documented practical weaknesses in tss-lib and related implementations. Some teams patched. Many didn't bother. Based on shared library lineage, protocols that should audit their TSS right now include Mayachain (direct THORChain fork), Sygma cross-chain bridge, Keep Network's tBTC v1, and any service still running on bnb-chain/tss-lib or ZenGo-X/multi-party-ecdsa. Major custody and MPC services that already migrated to newer threshold schemes (CGGMP21, DKLs): Fireblocks, Coinbase Custody, Taurus, Silence Laboratories. The industry has been quietly moving away from GG20 for two years. Thorchain just gave everyone still on it a reason to move faster.

    THORChain D
     288.77K  @THORChain

    THORChain incident update #1
    THORChain contributors shared a new update in the dev discord regarding the ongoing incident.
    TLDR
    - Current evidence points toward a newly churned node linked to the attack, likely operated by a single malicious actor
    - The leading theory is an exploit in the GG20 TSS implementation, allowing vault key material to leak over time. The attacker may have reconstructed the vault private key and executed unauthorized outbound txs
    - Current network status:
    -- The network is paused after multiple node operators executed make pause
    -- RUNE transfers and chain observation may resume within ~12h unless decided otherwise by the nodes.
    -- Trading, LP actions, signing, and sensitive operations remain paused for now
    - Recovery discussions currently include slashing affected node bonds, using POL to absorb losses, or other community-driven solutions
    The investigation is still ongoing alongside THORSec and Outrider Analytics.
    ## Full Announcement ##
    Developers and THORSec have been invest

     Bearish
    RUNE was forced to migrate due to a security risk caused by a GG20 threshold signature vulnerability leak.
  • Jeremy Trader Derivatives_Expert C
     280.19K  @Jeremybtc

    The crypto protocol that laundered $1.2 BILLION from the Bybit hack just got drained itself. THORChain lost $10.8 MILLION across four chains in a single attack today. THORChain is a decentralized cross chain exchange. No KYC. No intermediaries. It offers direct swaps between Bitcoin, Ethereum, BNB Chain, Base and every major network. Processing BILLIONS in volume and asking no questions about where funds come from. That last part is why it became the cash out layer of choice for every major crypto hack in the last two years. The Bybit hackers ran $1.2 BILLION through it. The KelpDAO exploiter ran roughly $80 MILLION through it. The IoTeX bridge hacker bridged stolen funds through it earlier this year. Today the same protocol got robbed for itself. Security firms Cyvers and PeckShield flagged the breach on May 15. Suspicious transactions detected across Bitcoin, Ethereum, BSC and Base simultaneously. Assets drained include USDT, USDC, WBTC, DAI, THOR, LUSD, XRUNE, GUSD, AAVE, LINK and FOX. Everything was converted to ETH and funnelled into a single Ethereum address. 0xd477b69551f49C0519F9B18c55030676138890Bd. A separate 36.85 BTC worth $3 MILLION sits in a single Bitcoin address. Total losses now estimated at $10.8 MILLION. THORChain has halted all trading and signing. RUNE dropped 12 to 15% within hours. Reliability was the only thing THORChain sold. Today it ran out.

     Extremely Bearish
    THORChain was attacked, losing $10.8 million, RUNE plummeted, reliability lost.
  • Vini B |「 thecoding 」 Security_Expert OnChain_Analyst B
     11.38K  @vinibarbosabr

    interesting timeline here in THORChain's repo
    an old issue related to vault churn/migrations has been reactivated in the context of a vault `transferAllowance()` exploit on @THORChain
    + security issue raised in Jan 2023 by Mr. Smith
    + Son of Odin closes the issue in Jul 2023
    + Jack Zampolim proposes reopening it in Aug 2024
    + a few discussions follow the reopening for a month
    + radio silence until 2 months ago
    + Son of Odin added a `priority` flag in Feb 2026
    + THORChain gets hacked on May 15, 2026 for ~$10M
    + Mr. Smith adds a note a few hours after the attack:
    > "In light of recent events related to Thorchain vaults being exploited, will monitor and update this thread/issue with any relevant content, and be available for discussion of this if required."
    a video is coming discussing the hack and this thread
    before speculations begin: the issue described in this thread doesn't seem to be directly related to today's exploit on thorchain:native (and i'm not sure its patch would have prevented what happene

     Bearish
    THORChain was attacked, incurring a $10M loss, and the timeline of an old security vulnerability discussion has been revealed.
  • crypto.news Media Influencer C
     117.70K  @cryptodotnews

    JUST IN: THORChain reports suspected exploit via newly churned node and GG20 TSS vault key leak. Network paused. RUNE transfers/chain observation may resume in ~12h. Trading/LP/signing remain paused https://t.co/4m98GnyGEg

    crypto.news Media Influencer C
     117.70K  @cryptodotnews

    JUST IN: THORChain exploited across Bitcoin, Ethereum, BSC and Base chains with stolen funds already exceeding $10m, per ZachXBT https://t.co/mD8Srl7Mam

     Extremely Bearish
    THORChain suffered an attack exceeding ten million dollars, network paused.