2026-01-11 04:25:52

According to on-chain data monitoring, the computation verification platform Truebit recently encountered a security vulnerability, resulting in the illegal transfer of a total of 8,535 ETH (worth approximately $26.36 million). More notably, the hacker subsequently transferred all funds through the privacy mixer Tornado. This incident once again exposes the risks of smart contract vulnerabilities—even professional computation verification service providers find it difficult to completely avoid them. In terms of fund flow, the hacker's rapid actions indicate a high level of familiarity with on-chain privacy tools. For ecosystem participants, this serves as both a warning and a deep reflection on auditing mechanisms and risk prevention.

ETH0,54%

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

13 Likes

Reward
13
9
Repost
Share

Comment

0/400

ShitcoinConnoisseur

· 5h ago

Once again, there's an issue with the smart contract. This time, Truebit couldn't escape either. Even professionals can get hacked, so what are we retail investors daring to touch? Once Tornado is used, it becomes untraceable. This trick is so common now, isn't it? Audits are useless; the key still depends on code quality. 26.36 million lost. It's high time to pay attention to on-chain security.

View OriginalReply0

StablecoinArbitrageur

· 01-11 14:10

ngl the tornado mixer move is actually textbook af... if you're running monte carlo simulations on hacker behavior patterns, the correlation between exploit discovery and immediate privacy layer deployment consistently hits 0.87+ across my dataset. zero surprise there honestly.

Reply0

MEVHunterBearish

· 01-11 06:31

Truebit can fail too, what else is there to trust? --- It's Tornado again, this move is worn out --- Over 8500 ETH just gone, the auditing firms are really... --- The hacker's speed, I bet he's definitely an insider --- On-chain privacy tools are now just synonymous with tools for committing crimes, need to change strategies --- Truebit took a big hit this time, trust value was wiped out --- Talking about deep thinking, ultimately it's still a flaw in the code --- Here we go again, how many times this month? --- The most ridiculous thing is they still claim to be professional verification service providers... --- Privacy mixers indeed have too much regulatory loophole

View OriginalReply0

TradingNightmare

· 01-11 04:54

It's the same old Tornado stuff again; these hackers are really familiar with it. Truebit's recent situation is quite awkward; claiming to be a professional verification still got exposed. 26.36 million USD just disappeared like that; the audit mechanism really needs to be thoroughly checked. That's why I keep saying not to fully trust those projects that claim to be "safe."

View OriginalReply0

DeFiDoctor

· 01-11 04:54

The consultation records show that another "doctor" was injected with a needle, and 8,500 ETH directly flowed out, with Tornado taking it all—this is not a bug, but an advanced symptom of protocol code vulnerabilities.

View OriginalReply0

WalletsWatcher

· 01-11 04:50

Once again, Tornado saves the day. This trick has been played out. Truebit also failed, it seems there are no absolutely secure contracts. Where's the promised audit? Over 8,000 ETH just gone like that. Hackers have become professionals, mixing coins as if it's a game. This ecosystem really needs to seriously reflect.

View OriginalReply0

MagicBean

· 01-11 04:48

It's Tornado money laundering again, how familiar is this routine? --- Truebit also got exposed? Feels like no one can escape the audit trap. --- $26 million just disappeared like that, I need to check if there's an issue with my contract. --- Hackers probably understand Tornado better than the official team. That's professionalism. --- Every time they say they will strengthen audits, but they still get hacked. I'm exhausted. --- Tornado is still very useful in critical moments. No wonder countries want to ban it. --- Over 8,000 ETH... I sigh. --- So the question is, how can we trust any project?

View OriginalReply0

GasGoblin

· 01-11 04:38

Another "professional" service provider crashes, hilarious. You can tell Tornado is run by veterans just by using it. --- Damn, over 8,500 E just gone like that? The audit mechanism needs to be reconsidered. --- Truebit isn't good either, it seems no one can truly be safe. --- Hackers are so familiar with Tornado... on-chain privacy has really become a tool for committing crimes. --- $26.36 million just evaporated, I'm envious. --- Even professional service providers are crashing, ordinary users probably have no way out. --- It's Tornado again, this thing really should be banned. --- It seems that the audit report is just psychological comfort. --- Quickly moving into Tornado, this guy definitely has some skills.

View OriginalReply0

SatoshiLeftOnRead

· 01-11 04:37

Here we go again, did Truebit also get caught? These days, even audited contracts can't be fully protected. I really can't help but laugh. Hackers use Tornado to instantly hide, which is why I never put large amounts into new projects. Truebit took a big hit this time; how much trust in the ecosystem has been lost? Another over $26 million USD, has DeFi security really become a joke? Contract auditing seems to be increasingly just a formality. Tornado's speed, I guess I need to learn something... Isn't this textbook-level exit scam? Over 8,500 ETH, if anyone dares to say DeFi is safe again, I will really lose my temper.

View OriginalReply0