News linked to both this project and an event.
According to the THORChain blog, ZEC is in the queue for launch on THORChain. However, due to a recent vulnerability disclosed in Zcash—whose existing patch impacts integrators’ normal operations—THORChain must first complete a minor code modification to its Bifrost module before proceeding. The development team stated that the change is minimal but must be completed prior to ZEC’s launch. Monero (XMR) is currently expected to launch by the end of this month, with ZEC scheduled to follow.
On-chain monitoring shows that a batch of funds suspected to be linked to hackers or phishing activities has recently been continuously purchasing Monero (XMR), with total purchases amounting to approximately $23 million, significantly impacting the market price.
According to on-chain analyst PeckShield (@PeckShieldAlert), RetoSwap—a peer-to-peer, decentralized exchange for Monero (XMR)—was exploited by hackers leveraging a vulnerability in the Haveno trading protocol, resulting in the theft of users’ funds totaling 7,000 XMR (approximately $2.7 million). Following the incident, the RetoSwap team responded swiftly, blacklisting the attacker’s onion address at 02:33 UTC and pausing all platform trading by enforcing an upgrade to client version 2.0.0. The attack has now been contained.
Odaily Chainalysis posted on X platform, stating that prior to the THORChain theft, wallets suspected to be linked to the attacker had been transferring funds through Monero, Hyperliquid, and THORChain for several consecutive weeks. As early as late April, the attacker-associated wallets deposited funds into Hyperliquid positions via Hyperliquid and the Monero privacy bridge. These funds were subsequently converted to USDC and transferred to Arbitrum, then bridged to Ethereum. Some of the ETH was then moved to THORChain to stake as RUNE for a newly joined node, which is believed to be the source of the attack.Subsequently, the attacker bridged a portion of the RUNE back to Ethereum and split it into four chains. One chain went directly to the attacker, passing through intermediate wallets before transferring 8 ETH to the wallet that would ultimately receive the stolen funds, just 43 minutes before the attack. The funds from the other three chains flowed in reverse. Between May 14 and 15, these wallets bridged the ETH back to Arbitrum again, deposited it into Hyperliquid, and transferred it into Monero via the same privacy bridge, with the final transaction occurring less than 5 hours before the attack commenced. As of Friday afternoon, the stolen funds remain untouched, but the attacker has demonstrated sophisticated cross-chain money laundering capabilities. The Hyperliquid to Monero path may be the next move.
privacy project Monero has released the graphical wallet software GUI version 0.18.5.0 "Fluorine Fermi". This update is a recommended upgrade version, primarily including numerous bug fixes and feature optimizations. Key highlights of this release include:Migration of the P2Pool installation path to LocalAppData on Windows systemsFix for an edge case in URI parsingProhibition of creating offline transactions in scenarios involving long payment IDsEscaping untrusted text during QR code scanning to enhance securityUpgrade of P2Pool to v4.15Numerous detail bug fixes and stability improvementsMonero officials stated that this version has been open-sourced on GitHub. Users can download and upgrade through official channels to obtain the latest security fixes and stability improvements.