On Jan. 8, the Truebit protocol’s native token (TRU) plummeted 99.95% to near-zero after a $26 million exploit. Security firm Cyvers Alerts detected the anomaly when a single address siphoned approximately 8,535 ether.
Token Collapses 99.95% After $26M Exploit
WRITTEN BY
SHARE
The Anatomy of the Attack
The native token of Truebit, a verification and orchestration layer for tokenized assets, collapsed by 99.95% on Jan. 8 after hackers exploited the protocol to siphon millions in digital assets. Market data reveals that the TRU token, which was trading near $0.1663 prior to the breach, crashed to $0.00005417 by 3 p.m. EST.
Web3 security firm Cyvers Alerts first identified the breach after detecting a suspicious on-chain transaction. According to its report, the attack resulted in a total loss of approximately $26 million in digital assets. Cyvers noted that a single address received roughly 8,535 ETH in a transaction labeled “Truebit Protocol: Purchase.” The activity was flagged as anomalous based on behavioral risk indicators within the firm’s detection models.
Preliminary investigations suggest the exploit targeted a mispriced minting function within the protocol’s purchase contract. Social media analyst Weilin Li noted that this flaw allowed attackers to purchase TRU tokens at a fraction of their market value. Li pointed out that the compromised contract was deployed roughly five years ago, remarking, “It seems old contracts are getting more ‘popular’ among attackers now.”
Hours after the crash, Truebit acknowledged the incident via X, formerly known as Twitter. The team issued a safety warning advising users to avoid interacting with the affected smart contract until further notice. Truebit confirmed it has engaged law enforcement and is taking steps to mitigate the damage. The protocol’s statement also appeared to confirm Li’s findings that two separate attackers may have been involved in the exploit.
FAQ ❓
- What happened to Truebit’s token? TRU collapsed 99.95% on Jan. 8 after a major exploit.
- How much was stolen in the attack? Hackers siphoned about $26M, including 8,535 ETH.
- What caused the breach? A mispriced minting flaw in an old purchase contract was exploited.
- How is Truebit responding globally? The team warned users, engaged law enforcement, and confirmed multiple attackers may be involved.
