Truebit protocol hack exposes DeFi security risks as TRU token collapses

• The TRU token collapsed from $0.1659 to near zero, wiping out market value.
• Liquidity on decentralised exchanges dried up following the exploit.
• The attacker wallet was linked to a Sparkle protocol attack 12 days earlier.

A serious security breach at Truebit Protocol has triggered one of the sharpest collapses seen in decentralised finance this year.

The blockchain project, which focuses on verified computing, lost around $26.5 million after an attacker exploited a weakness in its smart contract system.

The incident sent the protocol’s native TRU token crashing to near zero and left liquidity across decentralised exchanges severely strained.

On-chain movements following the exploit show how quickly funds were siphoned away, highlighting ongoing risks around smart contract design and monitoring across the DeFi sector.

How the exploit unfolded

The breach was first flagged by blockchain security firm PeckShield, which detected a series of suspicious transactions on the Ethereum network.

Analysis showed that the attacker drained nearly 8,500 ETH from Truebit Protocol.

At the time of the exploit, the stolen cryptocurrency was valued at about $26.5 million.

On-chain data indicates that the funds were quickly split and transferred to two separate wallet addresses, identified as 0x2735…cE850a and 0xD12f…031a60.

Dividing funds in this way is a commonly used technique to complicate tracking and reduce the chances of recovery.

PeckShield’s preliminary findings suggest the exploit targeted a flaw within the protocol’s contract structure, although a detailed technical breakdown has not yet been published.

Token collapse and liquidity shock

The market impact was immediate. Truebit’s native TRU token suffered a near-total collapse, falling from a daily high of $0.1659 to a low of $0.000000018.

The move effectively erased the token’s market capitalisation within hours.

Liquidity across decentralised exchanges also dried up rapidly.

With pools depleted and confidence shaken, many token holders were unable to exit positions.

The episode underlined how tightly token valuations are linked to protocol security, particularly for smaller DeFi projects where confidence can evaporate quickly once an exploit is confirmed.

Protocol response and containment steps

After the breach, Truebit Protocol issued an official update acknowledging the incident.

The team confirmed that a specific smart contract had been compromised and warned users not to interact with it until further notice.

The protocol stated that it is working alongside law enforcement authorities and taking steps to limit further damage.

Users were also advised to rely only on official communication channels for updates as investigations continue.

No timeline has yet been shared for remediation or potential recovery efforts.

Link to earlier DeFi attack

PeckShield further reported that the wallet involved in the Truebit exploit had been connected to a separate attack on the Sparkle protocol roughly 12 days earlier.

In that case, the attacker acquired tokens and later routed funds through Tornado Cash, a privacy service often used to obscure transaction trails.

The repeated use of similar techniques points to an experienced exploiter actively scanning for vulnerabilities.

The connection has raised broader concerns across the DeFi ecosystem, where a series of linked attacks can amplify risk perception beyond the affected projects.