🔴BREAKING: @Truebitprotocol ($TRU) gets wrecked $26M exploit drains 8,535 ETH, token crashes ~99.9% in hours

- First major DeFi hack of 2026 hits an OG @ethereum project (Truebit, around since ~2017 for off-chain verifiable computation).

👉On Jan 8, attackers exploited a vulnerability in an old Purchase/mint smart contract (address: 0x764C64b2A09b09Acb100B80d8c505Aa6a0302EF2 —deployed ~5 years ago).

🟢How it went down (from security reports):

- Root cause: Mispriced minting function (math error/pricing logic flaw, likely integer overflow or bad large-volume pricing).
- Hacker minted massive amounts of $TRU basically for free, then dumped into liquidity pools to drain ETH reserves.
- Attacker wallet (0x6C8E...2b50) stole 8,535 ETH ($26.5M at the time).
~50% of funds quickly routed through Tornado Cash for laundering.

⛳Immediate fallout:

$TRU tanked from ~$0.16 to near zero ($0.0000000029 or similar dust levels) liquidity pools drained, market cap basically wiped.

@Truebitprotocol team confirmed the incident: "Security incident involving malicious actors" urged everyone to STOP interacting with the affected contract until further notice.

- They're working with law enforcement, but no recovery/compensation plan announced yet (chances low, as usual in these cases).

- Some price "recovery" mentioned, but with zero liquidity, holders are stuck many long-term OGs from 2021 reporting total losses.

- This is a classic legacy contract nightmare: Old code, hidden vulns, no recent audits/updates = easy prey. PeckShield/Cyvers flagged it fast, and analysts note the same hacker hit Sparkle ~12 days earlier for smaller gains.

Lessons for everyone in crypto right now:
Even "established" projects aren't safe - audit once ≠ safe forever.

DYOR on contract age, audits, and liquidity risks.
Not your keys... well, you know.

❓What do you think is Truebit done for good, or can they rebuild?

Ever been rugged by a legacy exploit? Share your stories below
✅Bookmark this as a warning for 2026 DeFi plays!