Truebit Protocol has suffered a significant safety breach ensuing within the lack of roughly $26.5 million in ETH.
The incident has additionally triggered a collapse within the worth of its native token, TRU, which plummeted by practically 100% inside hours.
Sensible Contract Breach
Blockchain safety agency PeckshieldAlert flagged the incident through X, stating that Truebit had fallen sufferer to an exploit that drained over 8,500 ETH, price roughly $26.5 million, from one among its good contracts.
On-chain information reveals that the attacker took benefit of a vulnerability within the good contract’s pricing logic, which allowed them to mint TRU tokens for free of charge. The hacker then repeatedly minted and offered the tokens again into the protocol’s bonding curve, draining its ETH reserves by a speedy buy-sell cycle. The stolen funds have since been transferred to 2 addresses, 0x2735…cE850a and 0xD12f…031a6.
The exploit had an instantaneous impression on the TRU token, inflicting its worth to drop nearly 100% inside hours and leaving it nugatory on most exchanges.
On the time of writing, the DeFi platform has confirmed that it’s conscious of the safety risk whereas additionally advising customers to keep away from interacting with the affected good contract. The group has not but launched a full autopsy, however said that it’s in touch with legislation enforcement and is taking all obligatory measures to deal with the problem.
Truebit Breach Linked to Sparkle Assault
Apparently, PeckShield has recognized the Truebit hacker as the identical particular person answerable for the Sparkle assault that occurred practically two weeks in the past. In that episode, the offender equally exploited a flaw within the undertaking’s good contract to mint tokens at an artificially decreased price, which was then swapped for about 5 ETH. The stolen funds had been later routed by Twister Money, a privateness protocol generally used to cover transaction trails.
Total, crypto-related hacks reached a report excessive in 2025, with greater than $2.72 billion stolen, in response to TRM Labs. The yr started on a tough be aware in February, when North Korean hackers stole $1.5 billion from centralized alternate Bybit, the most important crypto exploit recorded thus far.
That incident set the tempo for the remainder of the yr, as TRM Labs reported an increase in additional organized {and professional} hacking exercise throughout the sector. Nevertheless, the pattern eased towards the tip of the yr, with a current report displaying that such losses dropped by greater than 60% in December in comparison with figures recorded in November.
The publish Truebit Suffers $26.5M Loss in First Main DeFi Hack of 2026 appeared first on CryptoPotato.