Security teams link the Truebit breach to a prior Sparkle protocol incident, suggesting a repeat attacker targeting weak smart contracts; authorities are pursuing the 8,535 ETH involved, though recovery on decentralized platforms remains difficult.

Analysts remain uncertain about the exploit’s exact cause and impact on user funds, and Truebit had not immediately commented at publication.

The Truebit Protocol hack drained 8,535 ETH worth about $26 million, triggering a collapse in the TRU token price and severe liquidity stress on decentralized exchanges.

TRU collapsed from a intraday high near $0.166 to fractions of a penny, wiping out market value within hours and pushing liquidity to the brink on DEXs.

The market reaction was swift: TRU plummeted to around $0.000000018, erasing the token’s market capitalization and leaving many holders with illiquid positions.

Truebit acknowledged the breach, confirmed a compromised contract, and advised users to avoid interacting with that contract while investigations proceed.

Investigators note the attacker used a builder bribe to speed transactions, allowing trades to run before an emergency pause, and moved stolen funds through multiple wallets to obscure the trail.

The incident serves as a wake-up call for DeFi security, underscoring hidden bugs and the speed of blockchain settlement, prompting audits of older contracts and enhanced real-time monitoring.

Analysts suggest total stolen value exceeds $26 million, even as the primary contract address shows limited on-chain activity.

The attacker reportedly used Tornado Cash in Sparkle-related activity, illustrating ongoing privacy and traceability challenges in DeFi exploits.

Security firm Cyvers detected on-chain activity and alerted the community; Truebit confirmed a security incident targeting the contract address 0x764C64b2A09b09Acb100B80d8c505Aa6a0302EF2.

The project is coordinating with authorities and taking measures to limit further damage, with no remediation timeline specified.