Loading...

Thunder Terminal thwarts $240,000 hack attempt, assures user funds are safe

TL;DR

  • Thunder Terminal halts $240,000 hack; hacker seeks ransom.
  • 114 wallets hit, Ethereum and Solana lost.
  • Thunder promises refunds, boosts security, and negotiates with attacker.

In a recent incident, Thunder Terminal, the on-chain trading platform, successfully thwarted an exploit that compromised 114 wallets, resulting in losses of $240,000. The attacker, however, has disputed Thunder’s claims of user data safety, demanding a ransom for the purportedly affected information. 

The exploit and losses

On December 27, Thunder Terminal issued an incident report revealing that it had suffered an exploit leading to the compromise of 114 user wallets. The attacker managed to execute unauthorized withdrawals, resulting in a total loss of 86.5 Ether and 439 Solana, equivalent to $240,000, all within just nine minutes.

According to Thunder’s incident report, the breach occurred due to an attacker gaining access to a “MongoDB connection URL,” which subsequently allowed them to initiate these unauthorized transactions. The breach itself was linked to an exploitation of MongoDB that transpired eight days before the incident.

Thunder Terminal’s response

Despite the breach, Thunder Terminal sought to reassure its users, emphasizing that no private keys or wallets had been compromised. The platform pledged to fully refund all affected users, providing them with 0% fees and $100,000 in platform credits as a goodwill gesture.

Thunder also stressed that the exploit affected only a small fraction of its user base, specifically 114 out of 14,000 wallets. The company affirmed its commitment to security and announced its intention to take extra precautions to safeguard user funds in the future.

Hacker’s ultimatum and counterclaims

However, tensions escalated as the attacker contradicted Thunder’s assurances. In a message on Etherscan, the hacker declared that Thunder’s statements were “all lies” and demanded a ransom of 50 ETH, equivalent to $110,000, for the allegedly compromised user data. The message conveyed that the attacker possessed all the user data and would delete it upon receiving the ransom.

While not directly addressing the hacker’s request in its official response, Thunder Terminal reaffirmed that it could not access users’ private keys. This statement implied that there should be no way for the attacker to access such sensitive information.

Security measures and negotiations

Thunder Terminal is taking proactive steps to enhance its security infrastructure in light of the incident. The platform has expressed willingness to negotiate with the hacker to facilitate the return of the stolen funds, demonstrating its commitment to resolving the situation amicably.

Etherscan data indicates that the hacker has initiated transfers of the stolen assets, with 86.3 ETH being sent to the Railgun protocol, a service known for anonymizing transactions on the blockchain.

Thunder Terminal, launched by Eversify Labs in late 2022, is a trading platform tailored for swift transactions across various blockchain networks, including Ethereum, Solana, Avalanche, and Arbitrum. Positioned as a competitor to popular Telegram trading bots like Unibot, Thunder Terminal entered the market amid a surge in demand for meme coins in the latter part of the year.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decision.

Share link:

Lacton Muriuki

Lacton is an experienced journalist specializing in blockchain-based technologies, including NFTs and cryptocurrency. He dabbles in daily crypto news rich with well-researched stats. He adds aesthetic appeal, adding a human face to technology.

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

Guilty
Cryptopolitan
Subscribe to CryptoPolitan