THORChain has paused trading due to a significant multi-chain exploit that may have drained over $10 million in crypto assets. The attack reportedly involved withdrawals of 36.75 BTC and additional assets from various chains.
Mentioned in this story
Cross-chain DeFi protocol THORChain has suspended trading, following what appears to be a significant multi-chain exploit that may have depleted over $10 million in cryptocurrency assets. Suspicious withdrawals involving Bitcoin, Ethereum, BNB Chain, and Base-linked assets have been reported by security researchers and on-chain investigators such as PeckShield.
Early tracking data indicates that the attackers allegedly took about 36.75 BTC, or about $3 million, along with an additional $7 million in assets that were bridged across several chains. Both Bitcoin and Ethereum-compatible networks’ publicly known wallet addresses were linked to the stolen funds.
#PeckShieldAlert @THORChain has been exploited for ~$10M worth of crypto, including 36.75 $BTC ($3M) and ~$7M worth of assets from #BNBChain, #Ethereum, and #Base.
The stolen funds mainly sit in:
bc1ql4u94klk265lnfur2ujk9p6uh52f2a8jhf6f37… pic.twitter.com/mhWIWueVPK— PeckShieldAlert (@PeckShieldAlert) May 15, 2026
Following the incident, THORChain stopped trading, probably to avoid further liquidity drains or cascading exploits across linked pools. Because THORChain serves as essential infrastructure for decentralized cross-chain swaps, disruptions may affect all of the ecosystems, wallets, aggregators, and liquidity suppliers.
DeFi security is already experiencing hardship. Exploits, bridge attacks, governance breaches, and wallet-draining malware campaigns have plagued the industry in recent months. When a layer fails, interconnected DeFi systems can quickly spread contagion, as demonstrated by recent attacks on major protocols.
THORChain experienced a multi-chain exploit that resulted in the suspension of trading and the potential loss of over $10 million in cryptocurrency assets.
The attackers allegedly stole approximately 36.75 BTC, valued at about $3 million, along with an additional $7 million in assets from other chains.
THORChain paused trading to prevent further liquidity drains and to mitigate the risk of cascading exploits across linked pools.
The crypto market structure bill has advanced from the Senate Banking Committee, marking a significant step towards a floor vote. Bipartisan support has emerged, but unresolved issues remain that could affect Democratic backing.
Strategy plans to repurchase $1.5 billion in convertible debt and may sell Bitcoin to fund it.
Analyst Tice says Ethereum's rise to $4,000 is imminent, citing strong technicals.
Discover Myriad: A New Platform for Prediction Markets
Bitcoin struggles below $79K as inflation fears outweigh CLARITY Act progress.
Payward, Kraken's parent company, cuts 150 jobs as it prepares for an IPO.
See every story in Crypto — including breaking news and analysis.
Because cross-chain protocols integrate complicated smart contracts, multiple consensus systems, bridge infrastructure, and liquidity management into a single environment, security experts have frequently cautioned that they continue to be one of the most hazardous attack surfaces in cryptocurrency.
Additionally, when protocols lack hardened security layers, academic research has demonstrated how DeFi composability, flash loans, and transaction ordering vulnerabilities create highly exploitable conditions.
Until an official post-mortem and security assessment are made public, anyone with assets linked to THORChain-integrated wallets, routers, or liquidity pools should refrain from using the protocol. Revoke unnecessary wallet approvals, keep a close eye on official THORChain channels, and stay away from phishing links that take advantage of the incident’s panic.
Decentralization does not completely remove risk, despite common beliefs the market had a few years ago. DeFi continues to function in a setting where a single vulnerability could instantly freeze billions of dollars in liquidity.