The exploit leveraged a flaw in Truebit’s pricing logic, letting the attacker mint limitless TRU tokens and drain ETH reserves.
Truebit Protocol has suffered a serious safety breach ensuing within the lack of roughly $26.5 million in ETH.
The incident has additionally triggered a collapse within the worth of its native token, TRU, which plummeted by practically 100% inside hours.
Sensible Contract Breach
Blockchain safety agency PeckshieldAlert flagged the incident by way of X, stating that Truebit had fallen sufferer to an exploit that drained over 8,500 ETH, price roughly $26.5 million, from one among its sensible contracts.
On-chain information shows that the attacker took benefit of a vulnerability within the sensible contract’s pricing logic, which allowed them to mint TRU tokens without charge. The hacker then repeatedly minted and bought the tokens again into the protocol’s bonding curve, draining its ETH reserves by means of a speedy buy-sell cycle. The stolen funds have since been transferred to 2 addresses, 0x2735…cE850a and 0xD12f…031a6.
The exploit had a direct affect on the TRU token, inflicting its worth to drop nearly 100% inside hours and leaving it nugatory on most exchanges.
On the time of writing, the DeFi platform has confirmed that it’s conscious of the safety menace whereas additionally advising customers to keep away from interacting with the affected sensible contract. The group has not but launched a full autopsy, however said that it’s involved with regulation enforcement and is taking all essential measures to handle the problem.
Truebit Breach Linked to Sparkle Assault
Apparently, PeckShield has recognized the Truebit hacker as the identical particular person answerable for the Sparkle assault that occurred practically two weeks in the past. In that episode, the wrongdoer equally exploited a flaw within the challenge’s sensible contract to mint tokens at an artificially decreased price, which was then swapped for roughly 5 ETH. The stolen funds have been later routed by means of Twister Money, a privateness protocol generally used to cover transaction trails.
You might also like:
Total, crypto-related hacks reached a file excessive in 2025, with greater than $2.72 billion stolen, in line with TRM Labs. The yr started on a tough word in February, when North Korean hackers stole $1.5 billion from the centralized trade Bybit, the most important crypto exploit recorded to this point.
That incident set the tempo for the remainder of the yr, as TRM Labs reported an increase in additional organized {and professional} hacking exercise throughout the sector. Nonetheless, the pattern eased in direction of the top of the yr, with a current report exhibiting that such losses dropped by greater than 60% in December in comparison with figures recorded in November.
SECRET PARTNERSHIP BONUS for CryptoPotato readers: Use this hyperlink to register and unlock $1,500 in unique BingX Alternate rewards (restricted time supply).
