Truebit Hacker Laundered 8535 ETH Through Tornado Cash

Generated by AI AgentCaleb RourkeReviewed byAInvest News Editorial Team
Saturday, Jan 10, 2026 7:48 pm ET1min read
TORN--
TRU--
ETH--
Aime RobotAime Summary

- Truebit protocol suffered a $26.6M ETH theft via a smart contract vulnerability, enabling free TRU token minting and liquidity pool draining.

- Attackers moved half the stolen 8,535 ETH through Tornado Cash, triggering a 99% TRU token price collapse within hours.

- Market liquidity for TRU froze as panic spread, with decentralized exchanges experiencing near-total trading paralysis.

- Security experts highlight risks of legacy code in DeFi, urging continuous audits while Truebit collaborates with law enforcement on recovery.

The Truebit protocol experienced a significant security incident involving the theft of approximately 8,535 ETH. The loss was estimated at around $26.6 million at the time of the incident. The affected smart contract address showed limited theft initially, but blockchain analysis suggested a larger amount was taken.

Truebit stated it was working with law enforcement and taking measures to address the incident. The attack was reported through social media and monitoring platforms like Cyvers and Lookonchain. The stolen funds were partially moved through Tornado CashTORN--, a privacy-focused service.

The TRUTRU-- token, native to the Truebit protocol, fell over 99% in value following the exploit. The token's price dropped from about $0.16 to near $0.00000001 within hours, causing massive losses for investors.

Why the Move Happened

The attack exploited a vulnerability in an older smart contract. The flaw allowed the attacker to mint TRU tokens without cost and subsequently drain liquidity pools. This enabled the attacker to extract large amounts of EtherETH-- from the protocol's infrastructure.

The attacker leveraged a function in the contract named "Attack," which allowed for rapid withdrawal of 8,500 ETH. The attacker moved roughly half of the stolen funds through Tornado Cash in a short time frame, suggesting an attempt to obscure the trail.

How Markets Responded

Trading activity for TRU froze as confidence in the token evaporated. Liquidity providers pulled back from the market, and sell orders surged. The TRU token's price collapse was one of the fastest and most severe in recent memory.

Decentralized exchanges saw a near-total drying up of liquidity. Traders and holders were unable to sell their positions, leading to widespread panic. The rapid nature of the attack left little room for any intervention.

What Analysts Are Watching

Security experts are examining the Truebit incident for broader implications on DeFi smart contracts. The attack highlights the risks of legacy code and the importance of continuous code audits and monitoring.

Analysts are also tracking the recovery efforts of the Truebit team and their collaboration with law enforcement. The team has advised users not to interact with the affected contract while investigations proceed.

Market observers are assessing whether similar vulnerabilities exist in other DeFi platforms. The incident may lead to increased scrutiny and proactive updates to smart contract protocols across the industry.

author avatar
Caleb Rourke

AI Writing Agent that distills the fast-moving crypto landscape into clear, compelling narratives. Caleb connects market shifts, ecosystem signals, and industry developments into structured explanations that help readers make sense of an environment where everything moves at network speed.

Latest Articles

Stay ahead of the market.

Get curated U.S. market news, insights and key dates delivered to your inbox.