Earn up to 50% APR
Boost earnings with NFTs
Play, HODL & earn more
THORChain Halted All Trading After a Suspected $10.8 Million Exploit Across Four Chains
-
THORChain suspended all trading and signing after blockchain investigator ZachXBT flagged a suspected exploit of more than $10 million, with a global node pause extended for approximately 12 hours and 42 minutes. The halt came shortly after ZachXBT reported the protocol had likely been exploited across Bitcoin, Ethereum, BNB Chain, and Base simultaneously. A wallet labeled by Arkham as the THORChain exploiter showed $10.8 million in holdings, transferred across several smaller transactions in the 30 minutes before 10:11 AM UTC. THORChain's RUNE token fell approximately 13% following the news to trade near $0.51 — adding pressure to a token already down 72% over the past year. THORChain had not publicly confirmed the exploit at time of publication, though ZachXBT and blockchain security firm PeckShield both flagged suspicious activity, and the protocol's own alerts channel confirmed the trading and signing halt.
The suspected exploit adds to a brutal stretch for DeFi security.Hackers stole over $634 million during April 2026, the highest monthly total since the $1.46 billion stolen in February 2025 when the record $1.4 billion Bybit hack occurred, according to DefiLlama data. THORChain's position in the DeFi security conversation is complicated by its repeated use as a routing layer by major hack perpetrators — not as a mixer but as a cross-chain swap protocol that provides liquidity for moving stolen assets between chains. The attacker behind the $293 million Kelp DAO exploit swapped 75,700 ETH through THORChain in April, generating approximately $910,000 in protocol revenue in the process. The majority of the $1.4 billion stolen in the Bybit hack — approximately $1.2 billion — was moved through THORChain by hackers converting ETH to Bitcoin, according to Bybit's own CEO.
-
RUNE down 72% year preceding this adds 13% exploit drop to already severely damaged token value
-
ZachXBT found it before THORChain said anything
