ThorChain and Versus lose more than $20M in separate DeFi exploits
THORChain, a decentralized crypto exchange (DEX), and Verus, a so-called blockchain bridge, have become the latest costly examples of the recent wave of exploits in the decentralized finance (DeFi) industry. In one case, a fix would have taken just ten lines of code.
First, last Friday, blockchain analysts flagged that the DEX had been exploited for $10 million. According to security experts from PeckShield, around 36.75 bitcoin (BTC) and another $7 million in other assets were stolen.
However, the team behind THORChain claims that no user funds were lost in the incident, as scammers are trying to trick protocol users with "refunds" traps.
While the team hasn't shared more details about the incident investigation, its preliminary findings indicate that the attacker may have reconstructed a private key to the protocol's vault and gained access to the now-stolen crypto assets.
The network, trading, and other "sensitive operations" were paused. In either case, this is not the first time the THORChain protocol and its team have been exploited.
In September 2025, THORChain founder John-Paul Thorbjornsen reportedly lost $1.35 million to North Korean hackers. THORChain has been repeatedly criticized, even within the crypto industry, for helping criminals, including North Korean hackers, launder stolen funds.
Ten lines of code would have stopped $11.6M Verus hack
Meanwhile, on Sunday, another DeFi protocol, Verus, lost at least $11.6 million, according to blockchain analysts. Crypto security experts at Blockaid said that the attacker likely exploited a gap in how this blockchain bridge verifies cross-chain transactions, which could be fixed with around 10 lines of code.
"The attacker sent a low-value transaction to the bridge contract and invoked a specific function (0x8c49b257), causing the bridge contract to directly transfer out reserved assets in bulk to the drainer. This is most likely due to cross-chain message validation/signature forgery, withdrawal logic bypass, or access control vulnerabilities," security experts from GoPlus added.
The Verus Network has been halted, and the investigation is still ongoing. The team has also urged its users not to fall victim to "refund" scams.
The price of Verus coin is almost unchanged over the week, recovering around half of its losses after a drop on Sunday, while Rune, the native token of THORChain, is down 27% in the past seven days, failing to rebound after the exploit.
Unlock more exclusive Cybernews content on YouTube.
