Felix Pinkston
Could 15, 2026 11:57
THORChain paused buying and selling after a $10M multi-chain exploit flagged by ZachXBT. RUNE fell 13% as investigations start.
Decentralized liquidity protocol THORChain has halted buying and selling following a suspected $10 million exploit flagged by blockchain investigator ZachXBT. The protocol paused all exercise for about 12 hours after stories surfaced of funds being drained throughout a number of blockchains, together with Bitcoin, Ethereum, BNB Chain, and Base.
In keeping with knowledge from Arkham Intelligence, wallets linked to the exploiter held roughly $10.8 million in stolen funds, with transactions spreading throughout a number of blockchains. The breach was reportedly executed in a sequence of smaller transfers, with exercise ceasing by 10:11 AM UTC on Could 15, 2026. Safety agency PeckShield corroborated the findings, figuring out 36.75 BTC and different property as a part of the exploit.
Quick Fallout: RUNE Token Drops
THORChain’s native token RUNE noticed a pointy decline in response to the information, dropping 13% to commerce close to $0.51 by the tip of Could 15. CoinGecko knowledge exhibits the token is now down 72% year-over-year, with the newest exploit including stress to its already strained value motion. On the time of writing, RUNE’s 24-hour value change stood at -0.08%, reflecting lingering market uncertainty.
The exploit has additionally reignited issues about THORChain’s safety measures. As a non-custodial cross-chain protocol, THORChain permits customers to swap property throughout totally different blockchains, making it a frequent goal for malicious actors. Notably, in April 2026, the attacker behind the $293 million Kelp DAO exploit routed 75,700 ETH via THORChain, producing roughly $910,000 in charges for the protocol. Equally, hackers concerned within the $1.4 billion Bybit hack in February 2025 used THORChain to launder $1.2 billion value of stolen funds from ETH to BTC.
Broader DeFi Safety Considerations
This incident provides to a troubling development in decentralized finance (DeFi), the place exploits have surged in each frequency and scale. April 2026 alone noticed $634 million stolen throughout varied protocols, the very best month-to-month whole because the Bybit hack. The recurring use of THORChain in laundering stolen funds underscores the challenges inherent to cross-chain DeFi platforms, notably their susceptibility to abuse regardless of not being categorised as mixers like Twister Money.
On the time of publication, THORChain had but to concern a proper assertion confirming the exploit however did set off an emergency community pause to analyze. The protocol’s alerts channel indicated buying and selling and signing would stay disabled till block 26191149, or roughly 12 hours and 42 minutes after the halt.
Whereas the instant focus stays on recovering stolen funds and addressing safety gaps, the incident is prone to amplify requires stricter safeguards in DeFi protocols. For merchants, RUNE’s steep decline highlights the continued dangers related to initiatives dealing with safety challenges, and the token’s future efficiency will largely hinge on how THORChain handles the fallout.
Picture supply: Shutterstock
