The THORChain protocol was attacked by a hacker for the second time in a month. Developers estimated the damage at around $8 million in ETH.
THORChain has suffered a sophisticated attack on the ETH Router, around $8m. The hacker deliberately limited their impact, seemingly a whitehat.
ETH will be halted until it can be peer-reviewed with audit partners, as a priority.
LPs in the ERC-20 pools will be subsidised.
— THORChain (@THORChain) July 23, 2021
Representatives of the project, in comments to CoinDesk, clarified that the attacker deployed a special contract. Using it, he forced the THORChain protocol, Bifrost, to accept fake assets, and withdrew them as real assets.
One Twitter user posted a screenshot with a message in which the hacker stated that he deliberately minimised the damage from the exploit. According to him, many BEP-20 tokens, as well as funds in Ethereum, Bitcoin, Binance Coin and Lycancoin, could have been stolen.
message from hacker… pic.twitter.com/1j8wOPcYHa
— zillaQuest!? (@zillaQuest) July 23, 2021
“I wanted to teach a lesson […]. A 10% reward would have prevented the incident. Disconnect until you pass the audit,” wrote an anonymous person, advising not to rush with the code.
As reported on July 16, the THORChain team reported the attack and asked organizers to get in touch to discuss returning funds and paying an adequate reward for discovering the vulnerability.
Follow ForkLog news on Twitter!