Unleash Protocol, an intellectual property financial platform built on the Story ecosystem, lost approximately $3.9 million in a security breach, according to blockchain security company PeckShield.
Attacker bridged stolen assets to Ethereum and deposited 1,337.1 Ethereum According to PeckShield, Tornado Cash is a cryptocurrency mixing service that is often used to mask transaction history.
Unleash earlier reported the breach but did not disclose the exact amount.
“Earlier today, we detected unauthorized activity involving Unleash Protocol smart contracts, resulting in the withdrawal and transfer of user funds,” the platform said in a post on
Affected assets include WIP, USDC, WETH, stIP and vIP, the agreement said. After withdrawal, funds are bridged through third-party infrastructure and transferred to an external address.
Platforms like Unleash aim to bring intellectual property such as media, brands and creative works onto the chain, enabling them to be tokenized, licensed or used as financial primitives in decentralized applications.
Both Unleash and on-chain analytics firm LookonChain said the vulnerability appeared to stem from a governance failure in Unleash rather than a vulnerability in the Story Protocol itself.
Unleash said the company has suspended all operations while the investigation continues and is working with independent security experts and forensic investigators to determine the root cause. Users are advised not to interact with Unleash Protocol contracts until further notice and follow official channels for updates.