Ethereum Protocol Truebit Under Exploitation Scandal: Full Analysis of the $26 Million Theft Incident
Truebit, an Ethereum verification and computation protocol, was exploited through a contract vulnerability on Thursday, losing more than $26 million overnight. The incident has sparked widespread concern within the crypto community and further exposed the growing risk of attacks on old contracts in the industry. Following the incident, the native token TRU was ruthlessly sold off, with its price plummeting from $0.16 to nearly zero.
Smart contracts deployed five years ago become attack entry points
According to tracking data from on-chain analysis platform Lookonchain, the stolen assets amount to as many as 8,535 ETH, worth approximately $26.6 million. Independent security researcher Weilin Li's in-depth analysis traced the exploit to old Truebit contract code deployed five years ago.
The key to the attack lies in a serious flaw in the pricing mechanism of the “mint” function within the contract. Hackers cleverly exploited this loophole to purchase TRU tokens at a cost far below market price. Weilin Li pointed out that the attack was carried out by two hackers, one of whom profited about $26 million, and the other about $250,000.
Truebit’s official statement was promptly posted on X: “We have identified a security incident involving one or more malicious actors. We are working closely with law enforcement and taking all possible measures to address this situation.”
“Archaeological trend” becomes a new favorite among hackers as multiple DeFi projects fall victim one after another
Worryingly, attackers are adopting a new attack pattern: “excavating” old contracts that have been forgotten but still hold remaining permissions. Weilin Li specifically warned about this “archaeological trend,” noting that hackers have recently been targeting old contracts that, although forgotten, still possess control rights.
Similar security incidents have occurred frequently in the industry. In November last year, DeFi protocol Balancer was hacked due to smart contract vulnerabilities, resulting in thefts exceeding $120 million. Recently, several well-known DeFi projects such as Bunni, Nemo Protocol, Hyperdrive, and Yearn Finance have also reported contract attacks, indicating that the overall ecosystem’s security risks remain severe.
Token price drops sharply, then shows signs of rebound
Following the incident, TRU tokens were ruthlessly sold off by the market. According to the latest data, TRU is currently priced at $0.01. Although it has recovered somewhat compared to the time of the incident and recorded a 5.49% increase in the past 24 hours, it still lags far behind the $0.16 before the event, indicating that market confidence in the project has not fully recovered.
This incident once again sounds the alarm: as the DeFi ecosystem expands, security audits and the regular updating and maintenance of smart contracts must become top priorities for every project. For investors, understanding the age and update status of a project's contracts has become a necessary part of risk assessment.