New Delhi | January 10, 2026 | The TRU token of Ethereum-based project Truebit plunged nearly 99.9% in value on Thursday after a sophisticated exploit allowed a hacker to drain around 8,535 ether, worth approximately $26.6 million, from the protocol’s reserves, according to onchain data and independent blockchain researchers.
The sudden crash wiped out most of the token’s market value within hours, triggering panic selling as liquidity dried up and investors rushed to exit their positions. The incident has once again raised serious questions around the security of legacy smart contracts and the risks they pose even years after deployment.
Truebit, which positions itself as a decentralised verification and computation network on Ethereum, confirmed the breach in a brief statement. The project said it was “aware of a security incident involving one or more malicious actors” and added that it was working with law enforcement while taking steps to assess and contain the damage.
Blockchain analytics firm Lookonchain estimated the theft at 8,535 ETH, while independent researcher Weilin Li traced the exploit to a flaw in an older smart contract deployed roughly five years ago. According to Li, the contract contained a minting function that, under specific conditions, could return a purchase price of zero for an unusually large token buy.
This flaw allowed the attacker to repeatedly acquire TRU tokens at virtually no cost and then immediately sell them back into the protocol’s bonding-curve reserve, extracting ether with each cycle. The repeated buy-and-sell loops steadily drained the reserve pool, leaving the protocol effectively hollowed out.
Another independent onchain analyst, known by the pseudonym “n0b0dy”, described the exploit as a series of carefully timed transactions that took advantage of mispricing as the reserve balance shifted. As the pool’s ether balance declined, the attacker continued to arbitrage the flawed pricing logic until most of the available funds were exhausted.
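The pattern the researchers describe, large mints that cost nothing followed by sales back into the reserve, is something a monitoring job can flag from trade records alone. The following Python sketch is an added illustration, not code from Truebit or from the researchers quoted here; the `Trade` record layout, the 25% outflow threshold, and the sample addresses and amounts are all assumptions constructed for the example.

```python
from dataclasses import dataclass

ETH = 10**18  # wei per ether

@dataclass
class Trade:
    sender: str   # address label (constructed)
    kind: str     # "buy" = mint against the reserve, "sell" = burn for ether
    tokens: int   # tokens minted or burned
    eth_wei: int  # ether paid in (buy) or paid out (sell)

def audit(trades, reserve_start_wei, drain_pct=25):
    """Return (index, sender, reason) alerts for a sequence of reserve trades."""
    alerts, net_out, flagged = [], {}, set()
    for i, t in enumerate(trades):
        if t.kind == "buy":
            # A non-zero mint that costs nothing breaks the curve's pricing.
            if t.tokens > 0 and t.eth_wei == 0:
                alerts.append((i, t.sender, "zero-price mint"))
            delta = -t.eth_wei
        elif t.kind == "sell":
            delta = t.eth_wei
        else:
            raise ValueError(f"unknown trade kind: {t.kind!r}")
        net_out[t.sender] = net_out.get(t.sender, 0) + delta
        # Integer comparison: has this sender pulled out more than drain_pct
        # of the starting reserve, net of what they paid in?
        if (net_out[t.sender] * 100 > drain_pct * reserve_start_wei
                and t.sender not in flagged):
            flagged.add(t.sender)
            alerts.append((i, t.sender, "net reserve outflow above threshold"))
    return alerts

# Constructed sample data; addresses and amounts are invented for illustration.
SAMPLE = [
    Trade("0xUSER", "buy", 1_000, 2 * ETH),
    Trade("0xUSER", "sell", 400, ETH // 2),
    Trade("0xSUSPECT", "buy", 10**12, 0),
    Trade("0xSUSPECT", "sell", 10**12, 150 * ETH),
    Trade("0xSUSPECT", "buy", 10**12, 0),
    Trade("0xSUSPECT", "sell", 10**12, 120 * ETH),
]

if __name__ == "__main__":
    for alert in audit(SAMPLE, 1000 * ETH):
        print(alert)
```

The zero-price alert fires on the first anomalous mint, before any ether has left the reserve, which is the point at which pausing a contract would still protect the pool.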
The wallet linked to the exploit reportedly paid a small builder bribe to ensure transaction prioritisation, allowing the attacker to execute the strategy rapidly before any defensive measures could be put in place.
Market data showed that TRU’s price collapse was swift and severe. As news of the exploit spread, liquidity providers withdrew, trading pairs thinned out, and the token fell as much as 99.9%, effectively rendering holdings near worthless for many retail investors.
While decentralised finance has long warned of smart contract risks, the Truebit incident underscores a recurring vulnerability: older or forgotten contracts can remain exploitable long after a protocol evolves. Even if a project’s current codebase is updated or audited, legacy deployments that still interact with reserves or hold value may continue to serve as attack vectors.
Security researchers noted that many projects underestimate the danger posed by historical contracts, especially when they are no longer actively monitored. “If it still touches value, it’s still part of the attack surface,” one analyst said.
As of Friday, Truebit had neither released a full post-mortem report nor confirmed whether the affected contracts had been paused or isolated. The lack of immediate technical disclosure has added to uncertainty among remaining token holders and the wider crypto community.
The exploit comes amid a broader period of scrutiny for decentralised protocols, following a series of high-profile hacks that have collectively cost the industry billions of dollars over recent years. Regulators and investors alike have increasingly pointed to governance gaps, poor contract hygiene, and inadequate risk disclosures as systemic weaknesses.
For TRU holders, the road to recovery remains unclear. Without a clear remediation plan or compensation mechanism, losses may prove permanent. Analysts said any potential revival would depend on whether Truebit can restore trust, secure remaining infrastructure, and demonstrate that similar vulnerabilities no longer exist.
The episode serves as a stark reminder that in decentralised systems, code longevity can be as dangerous as code novelty—and that security debts left unresolved can surface years later with devastating consequences.
About the author — Suvedita Nath is a science student with a growing interest in cybercrime and digital safety. She writes on online activity, cyber threats, and technology-driven risks. Her work focuses on clarity, accuracy, and public awareness.
