A significant security breach has hit the Unleash Protocol, leading to the theft of approximately $4 million in Ethereum. Hackers have begun laundering the stolen funds through Tornado Cash, raising concerns in the cryptocurrency community.
Security Breach and Stolen Funds
Recent investigations reveal that an attacker exploited a vulnerability in Unleash Protocol, siphoning off 1,337 ETH. This incident was confirmed by cybersecurity firms PeckShield and CertiK, which monitored the funds as they were moved in small chunks around 100 ETH each to obscure their origin.
Governance Exploit
Unleash confirmed the security breach on Tuesday, estimating the financial loss at around $3.9 million. In response, the protocol has halted operations and is currently conducting a forensic investigation.
Preliminary findings suggest that external wallets gained unauthorized administrative control via the protocol’s multisig governance system. The hacker executed an unapproved upgrade to the contract, enabling the withdrawal of user funds without appropriate permissions.
“This upgrade allowed for asset withdrawals that had not been authorized by the Unleash team and occurred outside our expected governance and operational procedures,” the team stated on social media.
Security analysts believe the exploit may have stemmed from phishing or some form of social engineering that allowed the hacker to gain access to governance keys, thus bypassing standard security measures.
Assets Laundered via Tornado Cash
The stolen assets reportedly included Wrapped IP (WIP) tokens, USDC, Wrapped Ether (WETH), stIP, and vIP. On-chain analysis indicated these assets were transferred to Ethereum, consolidated into ETH, and funneled through Tornado Cash, a popular method used by cybercriminals to obscure transaction trails.
CertiK alerted the community about suspicious withdrawals of WETH and related tokens directed to an externally controlled address created through SafeProxyFactory, a well-known multi-signature wallet framework.
#CertiKInsight 🚨 Detecting deposits of 1337.1 ETH (~$3.9M) into Tornado Cash from specific suspicious addresses.
— CertiK Alert (@CertiKAlert) December 30, 2025
Limited Impact on the Broader Ecosystem
Unleash has assured users that the breach is confined to its own governance and management contracts. There is currently no evidence suggesting any compromise to the Story Protocol, the underlying blockchain on which Unleash operates.
“The impact appears limited to Unleash-specific contracts and administrative controls,” stated the team, adding that validators, core infrastructure, and Story Protocol contracts remain intact. Unleash is a prominent application within the Story Protocol ecosystem, which focuses on tokenized intellectual property management.
User Advisory During Ongoing Investigation
The Unleash team has advised users to refrain from interacting with the protocol while the investigation continues, promising to update the community as more verified information becomes available.
As of now, Unleash has not detailed any plans for asset recovery or compensation for affected users, and the use of Tornado Cash by the hacker may complicate any attempts to trace or recover the stolen assets.
John is a seasoned journalist at The Bothside News, specializing in balanced reporting across news, sports, business, and lifestyle. He believes in presenting multiple perspectives to help readers form informed opinions. His work embodies the publication’s philosophy that truth emerges from examining all sides of every story.
