THORChain Halts Trading After $10M Exploit

THORChain, the decentralized cross-chain liquidity protocol that enables asset swaps between blockchains, has paused trading on its platform following reports by security researchers, including ZachXBT and PeckShield, that the platform was exploited for more than $10 million.

Following alerts from security researchers, THORChain halted all trading activities, citing abnormal and suspicious behavior it had detected. According to the team, one of its six Asgard vaults was compromised, resulting in a loss of approximately $10 million.

However, the team said in a post on X that user funds were safe and that only protocol-owned funds were affected.

“Investigation is still ongoing to determine the root cause. Contributors are actively working on the issue and we will report updates as we progress toward a solution,” the team said.

“We are asking all node operators to immediately review their infrastructure, hosts, key management systems, and operational security for any signs of compromise or abnormal behavior, and to report anything suspicious in Discord.”

Following the team's confirmation of the exploit, RUNE, the native crypto asset of THORChain, fell by nearly 15%, wiping out more than $27 million in market capitalization. Its market capitalization dropped to around $182 million. At the time of writing, RUNE was trading at $0.50, down 13.8% from its pre-hack price of $0.58.

Latest of Several Attacks

This is not the first time THORChain has been exploited by attackers. In 2021, it suffered three separate exploits, resulting in losses of over $16 million.

In the first exploit, it lost approximately $350,000 due to a vulnerability in the way the protocol handled ERC-20 deposits. In the second exploit, which occurred just one month after the first, THORChain suffered losses of between $4.9 million and $8 million. In the third exploit, the protocol lost about $8 million due to a refund logic vulnerability.

The THORChain exploits are among the latest and largest of the 11 decentralized finance exploits recorded this month. Exploits in decentralized finance remain widespread, with the previous quarter recording more incidents than the first quarter of 2025.

THORChain Halts Trading After $10M Exploit

However, the team said in a post on X that user funds were safe and that only protocol-owned funds were affected.

“Investigation is still ongoing to determine the root cause. Contributors are actively working on the issue and we will report updates as we progress toward a solution,” the team said.

Latest of Several Attacks

This is not the first time THORChain has been exploited by attackers. In 2021, it suffered three separate exploits, resulting in losses of over $16 million.