Rewards Hub Truebit Protocol suffered a smart contract vulnerability attack on January 8, 2026, as reported by SlowMist. The attack exploited an unprotected integer overflow in the Purchase contract's price calculation, due to the lack of overflow checks in Solidity 0.6.10. The attacker manipulated the minting process to set the token price to zero, repeatedly executing a 'mint-burn' arbitrage strategy. This drained the contract's reserves, resulting in a profit of approximately 8,535 ETH, valued at $26.44 million. The stolen funds were subsequently funneled through privacy tools like Tornado Cash.
Truebit Protocol Exploited for $26.44 Million in Smart Contract Attack
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.