Lounge Started Jun 1, 2026 1:06 PM

Thorchain accused of patching a critical vulnerability without paying the researchers

2 replies - 37 views - 2 thanks - 0 tippers - 3 watchers

Jun 1, 2026 1:06 PM Last edited Jun 1, 2026 1:07 PM

https://xcancel.com/v12sec/status/2061401842324820205

Thorchain has pulled a Microsoft.
Security researcher V12 has posted a tweet, with receipts, showing that they were stiffed out of a vulnerability payment after disclosing. The text of the tweet reads:

We reported a critical loss of funds bug to
@Thorchain
(32M TVL, 150M FDV)

They silently patched it and told us their bug bounty program is permanently retired.

We have more Thorchain chain halt DoS vulns. We intend to release them (open disclosure) in the coming few days

Humoroursly, in a followup tweet, V12 writes "the code quality is honestly not great (in our opinion) so we wouldn't be surprised for there to be more crits lurking still". What an absolute disaster. And what's worse is they apparently aren't even paying out to security researchers anymore. How anyone can take this project seriously is a wonder.

2 thanks - 0 tippers - 3 watchers

Your ad here

Replies

Page 1 of 1 - 2 total

Jun 1, 2026 1:36 PM

Not exactly surprised. The unapologetic usage of AI programming to integrate Monero into their service should tell you all you need to know about sincerity and authenticity.

Crypto remains the scam industry of our generation. Nothing but immoral fucks wanting to make quick cash, the dirtier, the better. Yet all this rubbish is tolerated and legalized while the only real currency gets attacked and banned.

2 thanks - xenu, lIlIIllIIIIllllII - 0 tippers

Jun 1, 2026 1:48 PM

hot damn lol
thorchain out here be having more dramas than the internet dramas i making cause bored or somethin lol

0 thanks - 0 tippers

Post A Reply

You must be logged in to reply. Login or register.

Your ad here

Thread Stats

Replies 2

Thanks 2

Tippers 0

Watchers 3

Status Open

Participants 3