THORChain Suffers $10.7M Exploit, Trading Halted Amid Security Concerns

Severity: High (Score: 67.8)

Sources: Theblock.Co, Pluang, www.theblock.co, Thedefiant, Trmlabs

Summary

On May 15, 2026, THORChain paused trading operations after a security breach was detected, resulting in an estimated loss of approximately $10.7 million. The exploit, traced by blockchain researchers ZachXBT and PeckShield, affected multiple blockchain networks including Bitcoin, Ethereum, BNB Smart Chain, and Base. The attackers exploited vulnerabilities in the protocol's Asgard vaults, leading to unauthorized transactions. THORChain's RUNE token fell by 11% following the incident, trading at around $0.52. The protocol had previously faced scrutiny for its handling of funds linked to North Korean hackers. As of now, THORChain's development team is investigating the root cause of the breach and has halted certain operations to prevent further losses. This incident adds to a series of security challenges faced by THORChain in recent years. Key Points: • THORChain lost approximately $10.7 million due to a security exploit on May 15, 2026. • The exploit affected multiple blockchain networks, including Bitcoin and Ethereum. • Trading operations have been paused while the development team investigates the breach.

Key Entities

• Lazarus Group (apt_group)
• Data Breach (attack_type)
• Bybit (company)
• Kelp DAO (company)
• KelpDAO (company)
• TrustedVolumes (company)
• Base (company)
• THORChain (platform)
• Avalanche (platform)
• Base Chain (platform)
• Binance Smart Chain (platform)
• Bitcoin (platform)
• North Korea (country)