May 22, 2026
THORChain exploit tied to malicious node and GG20 flaw
The $10.7 million THORChain exploit was caused by a GG20 vulnerability, which allowed a malicious node to reconstruct a full private key to one of its vaults.
THORChain said a malicious node operator exploited a vulnerability in its GG20 threshold signature system to drain about $10.7 million from one of the protocol’s vaults.
The GG20 threshold signature scheme is used to secure THORChain vaults by splitting key control across multiple node operators, meaning no single node normally holds the full private key.
The vulnerability allowed the malicious node operator to reconstruct a full private key for one vault, through “progressive key material leakage,” the protocol said in a post-mortem report released on Wednesday.
Source: Cointelegraph →Related News
- 3 hours ago
Dash eyes Philippines as market for crypto payments
- 6 hours ago
Japanese corporate pension fund plans 1% crypto allocation: Nikkei
- 10 hours ago
Bitcoin ETFs shed a record $6.4B in 30 days amid crypto winter chill
- 10 hours ago
Bitcoin ETFs shed record $6.4B in 30 days amid crypto winter chill
- 15 hours ago
Notorious ‘sandwich attack’ bot Jaredfromsubway.eth exploited for $7.5M