THORChain concludes 2 security audits following summer exploits

Cross-chain liquidity protocol THORChain has fully recovered from two summer exploits that compromised millions of dollars in user funds after the company announced Thursday that it had received passing grades in a new security audit. 

The simultaneous audits, which were carried out by cybersecurity companies Trail and Bits and Halborn, allowed THORChain to implement a five-step recovery plan. THORChain’s contributors now say the protocol is fully operational after a restart brought all the major cryptocurrency integrations and cross-chain trading features back online.

In addition to the audit, THORChain announced that it has commissioned Immunefi, a leading bug bounty platform for the DeFi sector, with a bounty program to identify new vulnerabilities as they arise.

The launch of THORChain earlier this year came with much fanfare, as it marked an important evolution in decentralized exchanges. In July, however, the platform suffered two multi-million-dollar security breaches, the first being a $7.6 million Ether (ETH) exploit that generated significant backlash. As Cointelegraph reported, network activity was halted as developers investigated the extent of the damages.

Related: THORSwap closes investment round as cross-chain DEXs take center stage

Roughly one week later, a white hat attacker drained the protocol of roughly $8 million worth of ETH, but would later request a 10% bounty for returning the funds. The two thefts capped off a horrible month for THORChain, with even its biggest supporters calling for a slowdown in project ambitions.

Thorchain has had a horrible month, not going to sugar coat it. Bleh The project needs to slow down. Time to take the tortoise strategy. Regardless, I remain a committed supporter, and am glad these issues are being discovered during chaosnet. https://t.co/gcWCyFYuTI

— Erik Voorhees (@ErikVoorhees) July 23, 2021

Security breaches are nothing new for the cryptocurrency market, with DeFi emerging as a popular attack vector for cybercriminals. According to industry sources, roughly $1.2 billion has been lost to DeFi exploits. That figure omits the recent nine-figure exploit of Cream Finance, which suffered a major flash loan hack on Wednesday.

DeFi hacks and exploits total $285M since 2019, Messari reports   April 29, 2021
DeFi attacks are on the rise — Will the industry be able to stem the tide?   May 14, 2022
Developers need to stop crypto hackers — or face regulation in 2023   Nov. 3, 2022
LayerZero bridging protocol denies accusation of 'critical vulnerabilities'   Jan. 31, 2023
Top 7 cybersecurity jobs in high demand   Feb. 26, 2023