THORChain halted trading on Friday, May 15, 2026, after a suspected cross-chain exploit drained approximately $10 million from the protocol [1].
This incident highlights the persistent security risks associated with cross-chain liquidity, where vulnerabilities in bridge-like protocols can expose assets across multiple disparate networks simultaneously.
The exploit targeted funds across several blockchain networks, including Bitcoin, Ethereum, Binance Smart Chain (BSC), and Base [2]. Reports on the exact amount stolen vary slightly, with some estimates placing the loss at roughly $10.8 million [1], while others cite a suspected $10 million [3].
In response to the breach, THORChain paused its trading operations to protect remaining user funds and allow for a full investigation into the vulnerability [3]. The trading halt lasted for about 12 hours [4].
The market reacted quickly to the news, causing the protocol's native RUNE token to plunge. The token experienced a double-digit decline, with reports indicating a drop between 11% [5] and 12% [1].
On-chain analyst ZachXBT flagged the exploit and said the losses spanned multiple chains [6]. The protocol's decision to halt operations is a standard emergency measure designed to prevent further outflows while developers patch the exploited vulnerability [3].
“THORChain halted trading on Friday, May 15, 2026, after a suspected cross-chain exploit drained approximately $10 million.”
The attack underscores the 'systemic risk' inherent in cross-chain protocols. Because THORChain interacts with multiple blockchains to provide liquidity, a single vulnerability can lead to losses across several different ecosystems. The immediate price drop of RUNE reflects investor concern over the protocol's security architecture and the potential for future instability in its native token's value.
