Truebit Protocol has suffered a serious safety breach ensuing within the lack of roughly $26.5 million in ETH.
The incident has additionally triggered a collapse within the worth of its native token, TRU, which plummeted by almost 100% inside hours.
Good Contract Breach
Blockchain safety agency PeckshieldAlert flagged the incident through X, stating that Truebit had fallen sufferer to an exploit that drained over 8,500 ETH, price roughly $26.5 million, from considered one of its sensible contracts.
On-chain knowledge reveals that the attacker took benefit of a vulnerability within the sensible contract’s pricing logic, which allowed them to mint TRU tokens for gratis. The hacker then repeatedly minted and bought the tokens again into the protocol’s bonding curve, draining its ETH reserves by means of a fast buy-sell cycle. The stolen funds have since been transferred to 2 addresses, 0x2735…cE850a and 0xD12f…031a6.
The exploit had a right away influence on the TRU token, inflicting its worth to drop nearly 100% inside hours and leaving it nugatory on most exchanges.
On the time of writing, the DeFi platform has confirmed that it’s conscious of the safety menace whereas additionally advising customers to keep away from interacting with the affected sensible contract. The group has not but launched a full autopsy, however acknowledged that it’s in touch with legislation enforcement and is taking all obligatory measures to handle the problem.
Truebit Breach Linked to Sparkle Assault
Apparently, PeckShield has recognized the Truebit hacker as the identical particular person liable for the Sparkle assault that occurred almost two weeks in the past. In that episode, the perpetrator equally exploited a flaw within the undertaking’s sensible contract to mint tokens at an artificially diminished value, which was then swapped for roughly 5 ETH. The stolen funds had been later routed by means of Twister Money, a privateness protocol generally used to cover transaction trails.
General, crypto-related hacks reached a document excessive in 2025, with greater than $2.72 billion stolen, in accordance with TRM Labs. The 12 months started on a tough notice in February, when North Korean hackers stole $1.5 billion from centralized alternate Bybit, the biggest crypto exploit recorded to this point.
That incident set the tempo for the remainder of the 12 months, as TRM Labs reported an increase in additional organized {and professional} hacking exercise throughout the sector. Nevertheless, the pattern eased towards the top of the 12 months, with a latest report exhibiting that such losses dropped by greater than 60% in December in comparison with figures recorded in November.
The publish Truebit Suffers $26.5M Loss in First Main DeFi Hack of 2026 appeared first on CryptoPotato.