THORChain concludes two security audits following summer attacks

THORChain has fully recovered from two summer attacks that exposed millions of dollars in user funds, as announced on Thursday.

THORChain was able to establish a five-step recovery plan as a result of the concurrent audits conducted by cybersecurity firms Trail and Bits and Halborn. Contributors to THORChain report that the protocol is now fully operational following a restart that restored access to all major cryptocurrency integrations and cross-chain trading functionalities.

Along with the audit, THORChain stated that it has commissioned Immunefi, a leading bug bounty platform for the DeFi sector, to manage a bounty program for identifying new vulnerabilities as they emerge.

The introduction of THORChain earlier this year was heralded as a watershed moment in the evolution of decentralized exchanges. However, in July, the network suffered two multimillion-dollar security breaches, the first of which resulted in a $7.6 million Ether (ETH) exploit that sparked widespread outrage. As reported by Cointelegraph, network activity was paused as developers assessed the degree of the damage.

A little more than a week later, a white hat attacker emptied the protocol of around $8 million in ETH, but later requested a 10% prize for restoring the cash. The two thefts rounded off a particularly trying month for THORChain, with even its most ardent supporters asking for a scaling back of the project's objectives.

Thorchain has had a terrible month, there is no way around it. Bleh, The project's pace must be reduced. Now is the time to adopt the turtle technique. Regardless, I remain a fervent supporter and am relieved that these concerns are being exposed during chaosnet. https://t.co/gcWCyFYuTI July 23, 2021 — Erik Voorhees (@ErikVoorhees)

Security breaches are nothing new in the cryptocurrency sector, with cybercriminals increasingly using DeFi as an attack vector. Approximately $1.2 billion has been lost to DeFi exploits, according to industry insiders. This figure excludes Cream Finance's recent nine-figure exploit, which was hit by a big flash loan attack on Wednesday.