- Cross-chain swap platform Thorchain hit by the third attack in a month, $8 million lost to a seemingly whitehat hack.
- The hacker could have exploited the network further, taking more Bitcoin, Ethereum, and Binance Coin, limited damage to prove a point.
- RUNE plans to keep the network halted as it reviews the code and finishes the security audit.
In response to a series of attacks on its network, Thorchain has acknowledged that the attacks were sophisticated and has decided to slow down. Following the hacking incident, RUNE price continued its downward slide with a -28% drop upon the attack's announcement.
Thorchain hit by whitehat hacker loses $8 million to the third hack in 30 days
Thorchain started out as a project at the Binance hackathon in 2018 and developed a fully functioning cross-chain decentralized exchange. Used for governance, staking, bonding, rewards, and trading, RUNE found its utility primarily as a cross-chain liquidity pool.
The native asset of the Thorchain network, RUNE, is traded against assets in every pool on Thorchain, building a bridge for exchanging cryptocurrencies from different blockchains. In the most recent and sophisticated attack on the network, the hacker exploited the platform for $8 million by tricking the Bifröst protocol into accepting a fake deposit.
The hacker then received a refund for the assets without making a real deposit made to the protocol. A similar exploit of the Bifröst protocol led to $5 million in losses only a week ago. It's interesting to note that the hacker left behind an explanation of the attack, claiming that it could have been much more damaging to the platform.
Addressing the Thorchain team, the attacker left a message in one of the transaction's input data:
Could have taken ETH, BTC, LYC, BNB, and BEP20s if waited Wanted to teach lesson minimizing damage
Multiple critical issues
10% VAR bounty would have prevented this
Disable until audits are complete
Audits are not a nice to have
Do not rush code that controls 9 figures
The Thorchain team identified the hacker as whitehat and acknowledged that they caused less damage than they could have. A 10% bounty has been requested from the seemingly whitehat attacker.
Thorchain has announced that it will halt the network chain pending security audits. The team will provide reimbursement to liquidity providers from its treasury and are now prepared to slow down.
The whitehat requested a 10% bounty - which will be awarded if they reach out, and they should be encouraged to do so.
— THORChain (@THORChain) July 23, 2021
It is a tough time for the community and project, and the pain is real.
The treasury has the funds to cover, but it's time to slow down.
RUNE holders and traders have undoubtedly suffered the hack's impact since the native token's price is hit yet again. The token slid from a high of $20.30 in May 2021 to $3.87, a price drop of over 80% in less than two months.
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers. The author will not be held responsible for information that is found at the end of links posted on this page.
If not otherwise explicitly mentioned in the body of the article, at the time of writing, the author has no position in any stock mentioned in this article and no business relationship with any company mentioned. The author has not received compensation for writing this article, other than from FXStreet.
FXStreet and the author do not provide personalized recommendations. The author makes no representations as to the accuracy, completeness, or suitability of this information. FXStreet and the author will not be liable for any errors, omissions or any losses, injuries or damages arising from this information and its display or use. Errors and omissions excepted.
The author and FXStreet are not registered investment advisors and nothing in this article is intended to be investment advice.
Recommended Content
Editors’ Picks
Binance CEO calls CFTC suit “disappointing” as district court halts Voyager $1 billion sale to Binance.US

Voyager’s deal with Binance’s United States entity, Binance.US, faced another hurdle on March 27, the same day that the Commodity Futures Trading Commission (CFTC) went after the crypto exchange. This is the second time in the span of a month that Voyager’s deal has been objected against by the government.
90% of Ethereum supply leaves exchanges as regulators struggle to classify ETH as Security or Commodity

Ethereum is known not only as the second-biggest cryptocurrency but also as the second-generation cryptocurrency. The blockchain not only brought Decentralized Finance (DeFi) to the crypto space but also framed a target on its back following its Proof of Stake transition plan.
This is how EOS holders responded to the network's EVM testnet launch, what to expect this week

The first milestone on the EOS Network Foundation’s roadmap, the completion of the EOS EVM (Ethereum Virtual Machine) code, was achieved on March 22, starting the countdown to the launch of the EOS testnet. Well, it is finally here and the community is elated as it brings them closer to the mainnet release on April 14.
XRP price recovers above $0.44 as court ruling approaches, will Ripple win against the SEC?

XRP price has kept its momentum, flashing green on the one-day timeframe as the countdown to the Ripple vs SEC lawsuit continues. The remittance token is moving in tandem with our prediction last week, soaring by a significant margin to secure a place among the best-performing cryptocurrencies on a one-week timeframe.
Bitcoin: Should you trust this BTC sell signal or wait for $34,000?

Bitcoin price shows a clear picture of its rally after it breached a long-term bullish pattern in mid-January. As the rally takes a breather, sell signs have started to emerge, which is putting investors in a confused state.