#THORChainHackCauses$10.7MLossCross-chain DeFi protocol THORChain suffered a major security breach after one of its six Asgard vaults was compromised, leading to losses estimated at roughly $10.7 million. The protocol automatically halted signing activity after detecting suspicious outbound transactions, limiting further damage.

Key reported details:

The exploit affected assets across Bitcoin, Ethereum, BNB Chain, and Base.

Investigators, including blockchain analyst ZachXBT, estimated losses at over $10M.

Preliminary findings suggest a newly churned validator node may have leaked key material tied to THORChain’s GG20 threshold-signature system.

THORChain stated that user funds were not directly impacted and losses were primarily protocol-owned liquidity and bonded RUNE collateral.

The incident triggered a sharp decline in RUNE, with the token falling roughly 15% after the exploit became public.

THORChain has since:

Paused validator churn operations

Delayed onboarding of new chains

Asked node operators to audit infrastructure and key-management systems

Warned users about fake refund and airdrop scams circulating after the breach

The attack is renewing scrutiny around “bridgeless” cross-chain infrastructure and threshold-signature security models in DeFi, especially because THORChain has experienced multiple major security incidents over the past few years.