Crypto Times Logo Black
Google News Follow Banner
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • DeFi News
    • Blockchain News
    • Industry
  • Exclusive
    ExclusiveShow More
    Inside the Trump Family’s $1.2B Crypto Windfall Who Paid the Price
    Inside the Trump Family’s $1.2B Crypto Windfall: Who Paid the Price?
    MiCA Deadline Hits Top Safe Crypto Platforms for EU Users in July 2026
    MiCA Deadline Hits: Top Safe Crypto Platforms for EU Users in July 2026
    MSTR, STRC, and Michael Saylor’s Pragmatic Turn Strengthening Credit in a Volatile Bitcoin Era
    MSTR, STRC, and Michael Saylor’s Pragmatic Turn: Strengthening Credit in a Volatile Bitcoin Era
    MiCA's July 1 Deadline What It Means for Your Crypto in Europe
    MiCA’s July 1 Deadline: What It Means for Your Crypto in Europe
    STRC Drops 19% Below Par Was Peter Schiff Right About Saylor Deceiving Investors
    STRC Drops 19% Below Par: Was Peter Schiff Right About Saylor Deceiving Investors?
  • Opinion
    OpinionShow More
    Why Wall Street is Divided Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    Why Wall Street is Divided: Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    The Arthur Hayes Paradox Macro Prophet or Market Opportunist
    The Arthur Hayes Paradox: Macro Prophet or Market Opportunist?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India's Digital Rupee Push?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India’s Digital Rupee Push?
    The CLARITY Act War Starts Jamie Dimon Vs Armstrong
    The CLARITY Act War Starts: Jamie Dimon Vs Armstrong
    Is Crypto Dying, or Is Pump.fun Turning It Into an Attention Casino
    Is Crypto Dying, or Is Pump.fun Turning It Into an Attention Casino?
  • Learn
    • Explained
    • How To
    • Insights
  • Videos
  • More
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
The Crypto TimesThe Crypto Times
  • All News
  • Market
  • Bitcoin
  • Ethereum
  • Altcoins
  • Regulations & Policies
  • Blockchain
  • DeFi
  • Industry
  • Exclusive
  • Opinion
Search
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • Blockchain
    • DeFi
    • Industry
    • Exclusive
    • Opinion
  • Learn
    • Explained
    • How To
    • Insights
  • Quick Links
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
    • AI Policy
    • Sponsored & Advertorial Policy
  • Videos
  • Glossary
Follow US
© 2026 By Crypto Times. All Rights Reserved.
DeFi News

THORChain Exploit Update: No User Funds Were Lost

THORChain said the exploit impacted protocol-owned funds only, as investigators continue reviewing the GG20 TSS vulnerability with external security partners.

Written By Sharmistha Suman Sharmistha Suman
Fact Checked by Shubham Soni Shubham Soni
Published 2026-05-16·Updated 2 months ago
Make The Crypto Times preferred on GoogleGoogle
Share
THORChain Exploit Update No User Funds Were Lost

Key Highlights

  • THORChain confirmed that no user funds or LP positions were lost in the May 15 exploit.
  • The protocol warned users about fake refunds, airdrops, and compensation scams circulating online.
  • Investigators linked the attack to a malicious node exploiting a GG20 TSS vulnerability.

THORChain, a decentralized liquidity protocol, has released its second official incident update following the security exploit that occurred on May 15. The team alerted the community regarding an increase in impersonation accounts and misinformation campaigns spreading false claims regarding refunds, airdrops, and compensation programs.

According to the official update via X, the firm noted that no user funds were lost in the incident. At the same time, the protocol isn’t running any refund, airdrop, or compensation initiatives. The team requested users to rely only on official THORChain communication channels and avoid any unsolicited messages or fake accounts claiming otherwise. 

THORChain incident update #2
We have become aware of multiple fake accounts and false information circulating regarding “refunds”, “airdrops”, compensation claims, and other alleged initiatives.

To be absolutely clear:
– Initial findings indicate that no user funds were…

— THORChain (@THORChain) May 16, 2026

THORChain contributors are actively investigating the exploit with THORSec and external security partners. The protocol assured that more information would be provided as the investigation progresses. 

Background of the incident 

On May 15, the first update on the incident revealed that a newly churned node, thor16ucjv3v695mq283me7esh0wdhajjalengcn84q, was associated with the attack. According to the investigators, a single malicious actor exploited the vulnerability in the GG20 TSS (Threshold Signature Scheme) implementation. 

This permitted the gradual leakage of vault key material, allowing the attacker to eventually reconstruct the vault’s private key and execute unauthorized outbound transactions. Estimates place the losses at roughly $10 million to $10.8 million across multiple blockchains, including Bitcoin, Ethereum, BNB Chain, and Base.

User swaps and liquidity provider (LP) positions weren’t impacted directly. The automatic safeguards of the network initiated a pause on signing activity, hindering any further damage, which resulted in a temporary halt of the network. 

Trading, LP actions, and sensitive operations remain paused while recovery discussions continue. Potential remediation options under consideration include slashing the bonds of affected nodes and using Protocol-Owned Liquidity (POL) to absorb losses.

Current status of investigation 

THORChain contributors are working along with THORSec and external partners such as Outrider Analytics to conduct a thorough investigation. The team anticipates RUNE transfers and chain observation to resume after the pause ends, subject to node decisions. 

However, full trading and sensitive operations will be suspended until a comprehensive recovery plan is approved by the community and node operators; bridging the network back to full functionality may take a few days. 

Issues in decentralized cross-chain infrastructure

This incident sheds light on the issues that exist within decentralized cross-chain infrastructure systems, specifically in the use of threshold signature schemes. Despite the protocol’s ability to withstand threats by implementing pausing methods and open communication channels, the next few days are crucial to rebuilding trust.

Users are encouraged to do the following:

  • Follow only authorized THORChain sources
  • Do not click any unknown links or provide wallet credentials.
  • Monitor official updates for the resumption of services.

Also Read: Crypto Market Today: BTC Drops to $78,000; Altcoins ETH, SOL, XRP Follow

Disclaimer: The information researched and reported by The Crypto Times is for informational purposes only and is not a substitute for professional financial advice. Investing in crypto assets involves significant risk due to market volatility. Always Do Your Own Research (DYOR) and consult with a qualified Financial Advisor before making any investment decisions.

Follow The Crypto Times on Google News to Stay Updated!      Google News
Google News Banner

TAGGED:Crypto Hack
Share This Article
Whatsapp Whatsapp LinkedIn Telegram Copy Link
Sharmistha Suman
By Sharmistha Suman
Sharmistha Suman is a Crypto Journalist at The Crypto Times, based in Bhopal, Madhya Pradesh. She covers Bitcoin and Ethereum price action, Indian crypto regulation, and emerging Web3 protocols, with a particular focus on how Indian retail and institutional investors participate in the global digital asset market. She joined The Crypto Times in April 2026. Sharmistha has been writing on cryptocurrency and blockchain since 2022. Before joining The Crypto Times, she contributed to The News Crypto and Todayq, and produced independent research on Indian crypto adoption, the country's evolving regulatory framework, and the developer ecosystems building on Ethereum and Solana. She holds a Master's degree in Digital Journalism and a Bachelor's degree in Journalism and Creative Writing, both from Makhanlal Chaturvedi National University of Journalism and Communication in Bhopal.
Shubham Soni
By Shubham Soni
Follow:
Shubham Soni is the Editor at The Crypto Times, based in Ujjain, Madhya Pradesh. He oversees the editorial desk, reviewing daily news coverage of cryptocurrency markets, US and Indian regulation, institutional adoption, the Solana ecosystem, AI agents, and Real World Assets (RWAs). All policy and markets coverage at The Crypto Times passes through his desk before publication. Before joining The Crypto Times in October 2025, Shubham managed news desks at Sportskeeda and Opoyi, covering global politics, sports, and entertainment for high-volume newsrooms serving the US and Indian markets. His four years in fast-paced newsrooms shaped his approach to fact-checking, source verification, and structural editing on complex stories. Shubham holds a Master's degree in Journalism from Makhanlal Chaturvedi National University of Journalism and Communication (Bhopal) and a Bachelor's degree in Journalism from Amity University Rajasthan. 

Latest News

South Korea FSS Urges Crypto CEOs to Tighten Controls
South Korea FSS Urges Crypto CEOs to Tighten Controls
SOL Breaks Above $80 Solana Launches Onchain Governance Proposals (SGPs)
SOL Breaks Above $80 Solana Launches Onchain Governance Proposals (SGPs)
Crypto Markets Ignite Pump Bitcoin Price Surges Past $61K, ETH Surges 5%
Crypto Markets Ignite Pump: Bitcoin Price Surges Past $61K, ETH Surges 5%
Circle and Standard Chartered Launch Bank-Led USDC Minting
Circle and Standard Chartered Launch Bank-Led USDC Minting
Binance Set to Enter Philippines After SEC Sandbox Approval
Binance Set to Enter Philippines After SEC Sandbox Approval

Find Us on Socials

You may also like

Polygon Shuts Down Its Once-Flagship $250M zkEVM on July 1

Polygon Shuts Down Its Once-Flagship $250M zkEVM on July 1

Edel Finance Hacked $403K Stolen as Attacker Moves Funds to Tornado Cash

Edel Finance Hacked: $403K Stolen as Attacker Moves Funds to Tornado Cash

Taiko Reaches Key Recovery Stage Following $1.7M Security Breach 

Taiko Reaches Key Recovery Stage Following $1.7M Security Breach 

AIDC Token Burn Bug Exploit Drains $121K From PancakeSwap

AIDC Token Burn Bug Exploit Drains $121K From PancakeSwap

The Crypto Times Logo PNG

Providing real-time, accurate Crypto reporting. Your trusted source for Crypto News and Research.

Stay Updated

All News
Exclusive
Opinions
Learn
Videos
Glossary

Company

About Us
Our Authors
Editorial Policy
AI Policy
Advertorial Policy

Get In Touch

Contact Us
Career

Find Us on Socials

X-twitter Linkedin Telegram Youtube Instagram

© 2026 The Crypto Times | A BITROCK TECHNOLOGIES L.L.C. Company.

DMCA.com Protection Status
  • Terms and Conditions
  • Disclaimer
  • Privacy Policy
  • Cookie policy
Do Not Sell or Share My Personal Information