**Truebit Protocol Hack Exposes Decentralized Finance Security Risks as TRU Token Collapses**
A devastating security breach at Truebit Protocol has sent shockwaves through the decentralized finance (DeFi) sector, triggering one of the sharpest collapses seen this year. The blockchain project, which focuses on verified computing, lost a staggering $26.5 million after an attacker exploited a weakness in its smart contract system.
The incident sent the protocol's native TRU token crashing to near zero, leaving liquidity across decentralized exchanges severely strained. On-chain movements following the exploit show how quickly funds were siphoned away, highlighting ongoing risks around smart contract design and monitoring across the DeFi sector.
**The Attack**
According to blockchain security firm PeckShield, the breach was first flagged when they detected a series of suspicious transactions on the Ethereum network. Analysis showed that the attacker drained nearly 8,500 ETH from Truebit Protocol, valued at about $26.5 million at the time of the exploit.
The funds were quickly split and transferred to two separate wallet addresses: 0x2735...cE850a and 0xD12f...031a60. Dividing funds in this way is a commonly used technique to complicate tracking and reduce the chances of recovery, making it increasingly difficult for investigators to follow the money trail.
**Market Impact**
The market impact was immediate and drastic. Truebit's native TRU token suffered a near-total collapse, falling from a daily high of $0.1659 to a low of $0.000000018 in a matter of hours. The move effectively erased the token's market capitalisation within hours.
Liquidity across decentralized exchanges also dried up rapidly, with pools depleted and confidence shaken among token holders. Many were unable to exit positions as liquidity evaporated, highlighting how tightly token valuations are linked to protocol security – particularly for smaller DeFi projects where confidence can evaporate quickly once an exploit is confirmed.
**Truebit's Response**
After the breach, Truebit Protocol issued an official update acknowledging the incident. The team confirmed that a specific smart contract had been compromised and warned users not to interact with it until further notice.
The protocol stated that it is working alongside law enforcement authorities and taking steps to limit further damage. Users were also advised to rely only on official communication channels for updates as investigations continue. No timeline has yet been shared for remediation or potential recovery efforts.
**Broader Concerns**
PeckShield further reported that the wallet involved in the Truebit exploit had been connected to a separate attack on the Sparkle protocol roughly 12 days earlier. In that case, the attacker acquired tokens and later routed funds through Tornado Cash, a privacy service often used to obscure transaction trails.
The repeated use of similar techniques points to an experienced exploiter actively scanning for vulnerabilities, raising broader concerns across the DeFi ecosystem. A series of linked attacks can amplify risk perception beyond the affected projects, creating a ripple effect that threatens confidence and stability within the sector.