Cybercriminals are increasingly using DeFi as an attack vector. THORChain suffered two major exploits in July, following a highly ambitious launch.
Protocol for cross-chain liquidity THORChain has fully recovered from two summer exploits that resulted in the loss of millions of dollars in user funds. The company announced on Thursday that it had passed a new security audit.
The simultaneous audits performed by cybersecurity firms Trail of Bits and Halborn enabled THORChain to implement a five-step recovery plan. Contributors to THORChain now claim that the protocol is fully operational following a restart that restored all major cryptocurrency integrations and cross-chain trading features.
THORChain also announced that it has commissioned Immunefi, a leading bug bounty platform for the DeFi sector, with a bounty program to identify new vulnerabilities as they emerge.
The launch of THORChain earlier this year was met with much fanfare, as it represented a significant advancement in decentralized exchanges. However, in July, the platform experienced two multi-million-dollar security breaches, the first of which was a $7.6 million Ether (ETH) exploit that sparked widespread outrage. Network activity was halted while developers investigated the extent of the damage.
Approximately one week later, a white hat attacker drained the protocol of approximately $8 million in ETH, but later requested a 10% bounty for returning the funds. The two thefts capped off a disastrous month for THORChain, with even its staunchest supporters urging a reduction in project ambitions.
Thorchain has had a horrible month, not going to sugar coat it. Bleh 😩
The project needs to slow down. Time to take the tortoise strategy.
Regardless, I remain a committed supporter, and am glad these issues are being discovered during chaosnet. https://t.co/gcWCyFYuTI
— Erik Voorhees (@ErikVoorhees) July 23, 2021
Security breaches in the cryptocurrency market are nothing new, with DeFi emerging as a popular attack vector for cybercriminals. According to industry sources, DeFi exploits have cost the industry approximately $1.2 billion. This figure does not include the recent nine-figure exploit of Cream Finance, which was hit with a major flash loan hack on Wednesday.