THORChain concludes 2 security audits following summer exploits

Published at: Oct. 28, 2021

Cross-chain liquidity protocol THORChain has fully recovered from two summer exploits that compromised millions of dollars in user funds after the company announced Thursday that it had received passing grades in a new security audit. 

The simultaneous audits, which were carried out by cybersecurity companies Trail and Bits and Halborn, allowed THORChain to implement a five-step recovery plan. THORChain’s contributors now say the protocol is fully operational after a restart brought all the major cryptocurrency integrations and cross-chain trading features back online.

In addition to the audit, THORChain announced that it has commissioned Immunefi, a leading bug bounty platform for the DeFi sector, with a bounty program to identify new vulnerabilities as they arise.

The launch of THORChain earlier this year came with much fanfare, as it marked an important evolution in decentralized exchanges. In July, however, the platform suffered two multi-million-dollar security breaches, the first being a $7.6 million Ether (ETH) exploit that generated significant backlash. As Cointelegraph reported, network activity was halted as developers investigated the extent of the damages.

Related: THORSwap closes investment round as cross-chain DEXs take center stage

Roughly one week later, a white hat attacker drained the protocol of roughly $8 million worth of ETH, but would later request a 10% bounty for returning the funds. The two thefts capped off a horrible month for THORChain, with even its biggest supporters calling for a slowdown in project ambitions.

Thorchain has had a horrible month, not going to sugar coat it. Bleh The project needs to slow down. Time to take the tortoise strategy. Regardless, I remain a committed supporter, and am glad these issues are being discovered during chaosnet. https://t.co/gcWCyFYuTI

— Erik Voorhees (@ErikVoorhees) July 23, 2021

Security breaches are nothing new for the cryptocurrency market, with DeFi emerging as a popular attack vector for cybercriminals. According to industry sources, roughly $1.2 billion has been lost to DeFi exploits. That figure omits the recent nine-figure exploit of Cream Finance, which suffered a major flash loan hack on Wednesday.

Tags
Related Posts
DeFi hacks and exploits total $285M since 2019, Messari reports
Decentralized finan’s rising popularity since 2019 has seen the emerging market segment become a target for hackers and opportunistic profiteers. According to a report by crypto research company Messari, DeFi protocols have lost about $284.9 million to hacks and other exploit attacks since 2019. This figure is about 0.65% of the adjusted total value locked of the Ethereum-based DeFi market, according to data from DappRadar. In February Messari calculated that over $284 million in DeFi was lost to hacks since 2019 At this point in time, the decentralized insurance industry only covers a fraction of TVL in DeFi. The need …
Blockchain / April 29, 2021
DeFi attacks are on the rise — Will the industry be able to stem the tide?
The decentralized finance (DeFi) industry has lost over a billion dollars to hackers in the past couple of months, and the situation seems to be spiraling out of control. According to the latest statistics, approximately $1.6 billion in cryptocurrencies was stolen from DeFi platforms in the first quarter of 2022. Furthermore, over 90% of all pilfered crypto is from hacked DeFi protocols. These figures highlight a dire situation that is likely to persist over the long term if ignored. Why hackers prefer DeFi platforms In recent years, hackers have ramped up operations targeting DeFi systems. One primary reason as to …
Adoption / May 14, 2022
Developers need to stop crypto hackers — or face regulation in 2023
Third-party data breaches have exploded. The problem? Companies, including cryptocurrency exchanges, don’t know how to protect against them. When exchanges sign new vendors, most just innately expect that their vendors employ the same level of scrutiny as they do. Others don’t consider it at all. In today’s age, it isn’t just a good practice to test for vulnerabilities down the supply chain — it is absolutely necessary. Many exchanges are backed by international financiers and those new to financial technologies. Many are even new to technology altogether, instead backed by venture capitalists looking to get their feet wet in a …
Bitcoin Regulation / Nov. 3, 2022
LayerZero bridging protocol denies accusation of 'critical vulnerabilities'
Summa founder James Prestwich has accused the $382 million LayerZero bridging protocol of hosting a “critical vulnerability.” According to a Jan. 30 post by Prestwich, this vulnerability “could result in theft of all user funds.” LayerZero CEO Bryan Pellegrino has called Prestwich’s accusation “absolutely shocking” and “wildly dishonest,” claiming that the vulnerability only applies to applications that don’t modify the default configuration. Absolutely shocking that a competitor would put out a wildly dishonest post about us. Happy to have @zellic_io @osec_io @ZOKYO_io or any other of the auditing firms come comment and dispel but let me summarize. If you set …
Decentralization / Jan. 31, 2023
Top 7 cybersecurity jobs in high demand
In today’s digital age, cybersecurity has become a critical aspect of almost every business. Cyber threats are increasing daily, and businesses must take proactive measures to protect their networks and data. As a result, the demand for cybersecurity professionals has skyrocketed. Little Friday humour #meme #cybersecurity @hackurityio pic.twitter.com/MArEpCh03k — Harold De Vries (@devries_harold) February 17, 2023 In this article, we will discuss the top seven cybersecurity jobs that are in high demand. Cybersecurity analyst A cybersecurity analyst is responsible for identifying and mitigating cyber threats to an organization’s network and data. They examine system logs and network traffic to find …
Technology / Feb. 26, 2023