A major exploit targeting Thorchain has triggered renewed concerns about the security of cross-chain infrastructure in decentralized finance, with estimated losses now reportedly exceeding $10 million.
Blockchain analytics platform Arkham Intelligence identified several suspicious wallets connected to the attack, labeling them as “THORChain Exploiter” addresses. One Bitcoin-linked wallet alone reportedly holds nearly 36.85 BTC — valued at roughly $3 million — while another Ethereum wallet contains over 216 ETH.
Losses Continue to Climb
Initial estimates from on-chain investigator ZachXBT placed the losses at around $7.4 million. However, updated findings now suggest the total stolen assets may exceed $10 million across multiple blockchain ecosystems.
Security firm PeckShield independently confirmed the exploit, estimating that attackers extracted:
- Approximately 36.75 BTC worth close to $3 million
- Roughly $7 million in additional assets from Ethereum, BNB Chain, and Base
The stolen funds remain visible on-chain for now, sitting in publicly flagged wallets monitored by security researchers.
Cross-Chain Infrastructure Becomes the Target
THORChain is a decentralized cross-chain liquidity protocol that allows users to swap assets between different blockchains without using centralized exchanges.
While this architecture enables seamless interoperability across ecosystems, it also increases technical complexity — and with it, potential attack surfaces.
According to reports, the exploit impacted multiple networks simultaneously, including:
- Bitcoin
- Ethereum
- BNB Chain
- Base
The incident once again highlights the growing risks surrounding cross-chain bridges and routing systems, which have become frequent targets for sophisticated exploits in the DeFi sector.
Markets React as RUNE Drops
Following news of the breach, THORChain’s native token RUNE reportedly fell nearly 14%, briefly sliding toward the $0.50 range as traders reduced exposure amid uncertainty.
So far, the THORChain team has not publicly released detailed information regarding:
- The full scope of the exploit
- The technical cause of the attack
- Recovery or mitigation plans
- Potential reimbursement mechanisms
The lack of immediate communication has added to market anxiety, especially given THORChain’s history with previous security incidents.
A Familiar Pattern in DeFi
The latest exploit adds to a long list of attacks targeting cross-chain infrastructure across decentralized finance.
Bridges and interoperability protocols often require highly complex smart contract systems operating across multiple chains simultaneously. While these systems improve liquidity and user accessibility, they also introduce additional vulnerabilities that attackers continue to exploit.
For now, blockchain investigators continue monitoring the flagged wallets as the broader crypto community waits for an official response from the THORChain team.
