Truebit major security incident! Token vulnerability triggers crash, hackers steal 26 million USD

Truebit protocol experienced a security incident on Thursday, causing the TRU token to plummet from $0.16 to $0.0000000029, a decline of over 99%. According to Nansen data, hackers stole 8,535 ETH, worth approximately $26.6 million. Lookonchain has tracked the flow of funds, but the Truebit team has not yet disclosed the cause of the vulnerability, leading to a complete collapse of market confidence.

Truebit 8,535 ETH Disappeared in 24 Hours

(Source: Obscicron)

On Thursday, Truebit issued an emergency announcement on X platform confirming a security incident involving “one or more malicious actors.” The affected smart contract addresses provided by the official show abnormal transaction records, but the initially disclosed stolen amount vastly underestimated the actual loss. After in-depth analysis by Lookonchain and other blockchain investigators, it was found that the total value of stolen cryptocurrencies in this attack exceeded $26 million, far higher than Truebit’s initial indication.

Crypto detective reports monitoring the protocol state that hackers successfully extracted 8,535 ETH. At the current ETH price of $3,109, this amount is worth about $26.6 million. The stolen funds have been traced to multiple addresses, indicating that the hackers employed complex mixing and transfer strategies. Some funds flowed to decentralized exchanges, while others were dispersed into dozens of newly created wallets, a typical money laundering prelude.

Truebit claims to have “taken all feasible measures” and has contacted law enforcement, but as of press time, the protocol has not announced any specific compensation plans or security audit reports. It remains unclear what technical factors caused this multi-million-dollar vulnerability event, or whether user funds are at risk. Cointelegraph has reached out to Truebit for comment but has not received a response. This silence further fuels market panic, with investors rushing to sell TRU tokens, triggering a death spiral decline.

Even more concerning is that the number of stolen ETH shown at the affected smart contract addresses provided by Truebit is far less than the actual loss uncovered by investigators. This information asymmetry raises questions: Does the protocol fully understand the scope of the vulnerability? Are there more undisclosed affected contracts? These unresolved mysteries caused TRU token’s price to crash completely within hours, from $0.16 to nearly zero at $0.0000000029.

Market Panic Mechanism Behind Price Zeroing

Shortly after the vulnerability was exposed, the price of Truebit tokens began to fall freely. According to Nansen data, TRU’s price dropped from about $0.16 to $0.0000000029, meaning that investors holding $10,000 worth of TRU saw their assets shrink to just about $0.18 within hours. This catastrophic decline is extremely rare in crypto history, even surpassing many classic Rug Pull cases.

The price collapse mechanism reveals the fragility of small-cap tokens. Truebit’s liquidity was already limited; once the news of the vulnerability spread, panic selling instantly exhausted all buy orders. Automated market makers (AMMs) on decentralized exchanges were broken through, causing prices to plummet vertically after losing support. Worse, arbitrage bots detected the abnormal price and began arbitraging between different exchanges, further driving down the price.

Centralized exchanges responded more directly: multiple exchanges temporarily suspended TRU trading and withdrawals. While these measures aim to protect users, they also trap holders unable to exit. Users stuck on exchanges watched their assets go to zero without being able to take any action. This “liquidity trap” is a typical consequence of small token hacker incidents, often causing greater secondary damage than the attack itself.

The Black Start of Crypto Security in 2025

The Truebit hacker incident is not an isolated case but the latest chapter in the 2025 crypto security crisis. Multiple major hacking and vulnerability exploitation events occurred in December, indicating that industry security defenses have not improved with technological progress.

Major Security Incidents in December 2024

Flow Foundation Fake Token Incident: On December 27, attackers successfully forged network tokens, causing approximately $3.9 million in losses

Trust Wallet Chrome Extension Attack: Hackers exploited malicious updates to steal $7 million from users

Total December Losses: $76 million (a 61% decrease from $194 million in November)

Blockchain analysis platform PeckShield reported on January 1 that although total losses in December decreased compared to November, the destructive potential of individual incidents is increasing. The $26 million loss in Truebit, if it had occurred in December, would account for over one-third of that month’s total losses. This trend indicates that while the number of small attacks is decreasing, large, carefully planned exploits are on the rise.

Even more worrying is that the technical complexity of these attacks is increasing. The fake token attack on Flow Foundation requires deep understanding of on-chain governance mechanisms, while the supply chain attack on Trust Wallet demonstrates hackers targeting infrastructure layers. Although technical details of the Truebit case have not been disclosed, the scale of the 8,535 ETH extraction suggests a long-term stealthy and meticulously planned operation.

Related cases include Gnosis announcing a hard fork to recover funds lost due to a Balancer vulnerability. Such “time-reversal” remedies can recover funds but also raise philosophical debates about blockchain immutability. Will Truebit take similar measures? The current silence from the team leaves this question unanswered.