A pricing bug in a Truebit smart contract live for nearly 5 years was exploited to drain ~8,535 ETH (~$26.4M), sending TRU effectively to zero.
On January 8, 2026, a pricing bug in a Truebit bonding-curve smart contract that had been live for nearly five years was exploited. The attacker drained approximately 8,535 ETH (~$26.4M). The TRU token was effectively reduced to zero with no recovery plan announced.
No laundering activity observed. Stolen ETH held in attacker wallets; no recovery reported.
N/A