Yet another blow has been dealt to the THORChain network, with $8 million in ERC20 tokens drained from the router in the latest of a series of attacks.
The THORChain network has been attacked once again, with $8 million in ERC20 tokens drained from the network. This time, the attacker has left a message.
Could have taken ETH, BTC, LYC, BNB, and BEP20s if waited. Wanted to teach lesson minimizing damage. Multiple critical issues. 10% VAR bounty would have prevented this. Disable until audits are complete. Audits are not a nice to have. Do not rush code that controls 9 figures
Source: Attacker's transaction memos
The preliminary post-mortem:
The network is still halted, and an investigation is underway to uncover how the hacker was able to steal funds. The THORChain team has already confirmed that LPs in the ERC20 pools will be subsidized.
This is a developing story. Follow for updates.