The cross-chain DeFi protocol THORChain has suffered its second security breach in less than a month – this time, the attackers stole millions of dollars in crypto.
THORChain is the latest DeFi project to be exploited, with estimations showing that the hackers might have swooped up to $7.6 million in digital assets. The team behind the decentralized exchange promised to make whole all affected users and requested the perpetrators to contact them to discuss the return of funds.
THORChain highlighted the hack on Twitter earlier on July 16th. The amount stolen remains unconfirmed as the initial estimations showed that it was more than 13,000 ETH – worth roughly $25 million at today’s prices.
However, the team later updated with new numbers of 4,000 ETH (- about $7.6 million). At the same time, other estimations suggested that the amount is even less – approximately $6 million.
In the official Telegram account, THORChain explained that node operators, swappers, and liquidity providers will have access to their funds “when the issue has been patched, and the network resumes.”
The team also promised that the treasury has the necessary funds to make all victims whole again and asked for the hackers to get in touch.
“While the treasury has the funds to cover the stolen amount, we request the attacker get in contact with the team to discuss the return of funds and a bounty commensurate with the discovery.”
Later on, THORChain outlined its “recovery plan,” which is already in motion:
Upon executing the attack, the hackers paid “huge slip fees” of about $1.4 million, captured by nodes, and another $1.4 million caught by ERC-20 liquidity providers, the team explained.
As such, THORChain said, “only users affected are ETH LPs, and they will be made whole.”
It’s worth noting that the protocol experienced another hack recently. However, as “only” $140,000 was stolen, the team classified the network as “very mature and resilient.”
Shortly after the latest attack, the price of THORChain’s native token – RUNE – dumped by nearly 20%.