One Hacker, Two Successful Breaches into Thorchain’s Protocol, Steals US$ 10 M Worth of Crypto

On two different occasions within a period of fewer than 15 days, the security protocols of Thorchain have been breached twice by one particular hacker. The firm loses US$ 10 Million approximately as a result of the successful breaches by the hacker. Interestingly, the hacker also left a note suggesting to the firm what security protocols can ensure the future safety of the funds of Thorchain’s users.

It was a few days ago when Thorchain made headlines because the firm was met with a crypto hack attack. It was reported that the hacker managed to breach into security protocols of Thorchain and stolen approximately 4,000 units of Ethereum (ETH). The company’s estimated loss was reported to be at least US$ 8 Million.

However, in less than 15 days’ time, there is now another instance of the occurrence of a hack attack. Reportedly, this time also the hacker is the same who had earlier successfully breached into Thorchain and stolen Ethereum funds.

Thorchain, which is a decentralized crypto exchange also featuring Automated Market Maker (AMM), has become a victim of twice hacking attempts. Both of the attempts were successful and granted full access to its acclaimed Decentralized-Finance (DeFi) network to the hacker. The crypto exchange firm Thorchain is widely popular for offering opportunities for liquidity pooling.

When the hacks occurred, the firm’s liquidity pooling was locked at a value of US$ 101.75 Million.

The second hack attack was aimed towards Thorchain’s Bifrost, a component of router contracts for Ethereum. Because of the successful hack attempt, a further loss of US$ 8 Million has been caused upon Thorchain. Interestingly, the hacker was found to be the same who was the perpetrator of the earlier hack attack.

After committing the hack attack, the criminal also left behind a note suggesting preventive measures for Thorchain. He suggested in his note that when he carried out the first attack, the Routing contracts were prone to risks even that time. However, the firm could have avoided the second hack attack, if it had employed preventive features.

The hacker then advised Thorchain about the stepwise procedure that is required to prevent future hack attacks. This is the first time in hacking history that a firm has been victimized twice in less than 15 days by the same hacker. The attack has exposed the incompetence of the developers of Thorchain’s protocols and their negligence.

It has been complained by Thorchain’s developers that the hackers could be the “whitehat hacker”. Thorchain initially believed that the loss was US$ 8 Million, however, it now estimates the loss exceeding US$ 10 Million.

Meanwhile, in order to keep their customers calm, Thorchain has already announced a refund of their looted money. The firm has also engaged the services of a security firm for carrying out the audit of DeFi’s codes.