- Hackers are reportedly shifting assets across Bitcoin, Ethereum, BNB Chain, and Base.
- The incident first popped up on Telegram channels tied to ZachXBT, and then on X.
- ZachXBT also reported that after this incident, THORChain paused trading.
Cross‑chain liquidity protocol THORChain appears to have been hit by a big hack affecting multiple blockchains, according to on‑chain sleuth ZachXBT and other crypto intelligence accounts tracking suspicious fund movements.
Early estimates put the stolen funds at over $7.5 million, and the hackers are reportedly shifting assets across multiple chains such as Bitcoin, Ethereum, BNB Chain, and Base.
The incident first popped up on Telegram channels tied to ZachXBT, then spread further when crypto intel accounts on X picked it up.
ZachXBT later publicly responded on X, confirming that suspicious money movements tied to the hack are still being tracked. After additional efforts, he then also stated that the money stolen is actually over $10 million.
The on‑chain investigator also reported that after this incident, THORChain paused trading. There are still no official statements or details on how the hack happened.
THORChain’s Vulnerability to Cross-Chain Risk
THORChain works differently from most DeFi platforms since it focuses on native cross‑chain swaps and routing liquidity across blockchains.
Unlike protocols that only run on one blockchain, cross‑chain systems have more ways to be attacked. This includes elements like bridge logic, validator coordination, liquidity vaults, and handling transactions across multiple networks.
In fact, from a security standpoint, cross‑chain systems have always been one of the riskiest areas in crypto.
A Big Number of Hacking Incidents
This latest incident is yet another in the heap of crypto security incidents throughout 2026, with DeFi exploits exceeding $600 million in April 2026 alone.
The current year has seen around 47 attacks in the first 4.5 months, compared to 28 incidents during the same period in 2025. This means that hack frequency surged roughly 68% year-over-year.
CertiK, the blockchain security auditor, shared a recent report on crypto threats. The company warned that advanced state-backed hacking groups (primarily from North Korea) are increasingly targeting decentralized finance protocols, cross‑chain systems, Web3 infrastructure, and developer environments. Methods include both technical exploits and social engineering tactics.
According to DefiLlama, more than $16.5 billion has been hacked across crypto historically, including approximately $7.74 billion from DeFi and $2.9 billion from bridge exploits.
Related: Kelp DAO Hacker Launders $80M via THORchain, Activity Spikes
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
