Home
News
Details

THORChain Suspends Transactions Amid Suspected Cross-Chain Attack, RUNE Drops Over 10%

icon币界网
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
RUNE
$0.4349-3.91%
This is the logo of the coin.
BTC
$77,860.801.34%
This is the logo of the coin.
ETH
$2,140.711.24%
AI summary iconSummary

expand icon
On-chain news broke on Friday as THORChain halted transactions amid a suspected cross-chain attack. Researchers estimate losses could exceed $10 million, with Bitcoin news highlighting stolen funds moving to two primary addresses—one on Bitcoin and another on EVM chains. RUNE dropped over 10% following the incident. The protocol paused transactions while investigating the cause. Daily volume reached $394 million at the time of the attack. This follows previous security issues, including the 2025 ThorFi suspension.
CoinDesk reports:

THORChain suspended all trading on Friday after on-chain security researchers detected a suspected cross-chain attack. According to publicly tracked data, the associated losses may exceed $10 million, involving Bitcoin and multiple EVM networks. In response to the news, RUNE dropped more than 10% that day.

Researchers tracked two major addresses.

On-chain researcher ZachXBT and security firm PeckShield stated that the suspected stolen funds primarily flowed to two addresses: one on the Bitcoin network and another on EVM-compatible chains, including Ethereum, BNB Smart Chain, and Base.

THORChain subsequently activated its defense measures and suspended protocol trading functions. As of publication, the project team has not disclosed the cause of the vulnerability or confirmed the scale of losses reported by researchers.

  • Estimated loss scale: Over $10 million
  • Disclosed Bitcoin loss: 36.75 BTC, approximately $3 million
  • Other asset size: approximately $7 million, distributed across multiple EVM networks

The protocol experienced active trading during the attack.

Prior to this incident, THORChain remained highly active. Reports showed that the protocol’s daily trading volume once reached $394 million. Previously, the hacker had also exploited this protocol to transfer stolen funds from the KelpDAO incident between Ethereum and Bitcoin.

THORChain has been involved in multiple risk events in recent years. In January 2025, the protocol suspended its ThorFi lending business amid allegations of insolvency and initiated a 90-day restructuring to address approximately $200 million in defaulted obligations.

Historical events are once again drawing attention.

In September 2025, THORSwap issued a bounty program following an attack. At the time, approximately $1.2 million was stolen from the personal wallet of THORChain founder John-Paul Thorbjornsen. ZachXBT later attributed the incident to North Korean hackers.

Cross-chain protocols, due to their complex architecture, have long been a high-risk target for attacks. CertiK previously reported that North Korean hackers stole approximately $2.1 billion in crypto assets in 2025, accounting for 60% of all crypto theft losses that year. Earlier this month, the DeFi platform TrustedVolumes also suffered a loss of approximately $6.7 million.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.