Thunder Terminal Loses $192,000 In Hacking Attack

Updated: 28 December 2023

Disclosure

Don’t invest unless prepared to lose all the money you invest. This is a high-risk investment, you shouldn’t expect to be protected if something goes wrong.

Join Our Telegram channel to stay up to date on breaking news coverage

Thunder Terminal, a popular on-chain trading platform, has suffered a hacking attack that resulted in 114 wallets being compromised.

The attacker managed to transfer 86.5 ETH ($192,000) during the incident, sending the funds to Railgun, according to an online investigator, ZachXBT.

114 Wallets Compromised, 86.5 ETH And 439 SOL Stolen

During its announcement of the incident, Thunder Terminal admitted that 114 wallets were affected by the security incident. However, it also insisted that the funds are safe.

The platform said in a post on X that no private keys were compromised before or during the exploit that occurred yesterday, December 26.

The trading platform also stated that the refunds will be handled shortly.

Although the platform noticed the attack quickly and reacted swiftly, the attacker was still able to transfer 86.5 ETH.

Following Thunder’s announcements, the attacker reacted, claiming that Thunder’s posts were “all lies.” The claim came through an on-chain note pointed out by the on-chain sleuth, ZachXBT. The address, seemingly belonging to the attacker, also left a message saying:

Also, we have all the user data. 50 ETH, and we will delete the data.

Thunder has published a separate incident report, explaining that the exploit occurred through withdrawal requests that the platform’s servers considered authorized due to leaked session tokens.

In addition to the stolen Ether, the platform admitted that around 439 SOL ($47,800) were also taken from its platform.

However, it insisted that all lost funds would be fully refunded and that affected users would not have to pay fees. Furthermore, they will receive $100k in credits each.

Results from the incident are as follows:
– 86.5611512804 ETH lost
– 439.12232317 SOL lost

All funds lost will be refunded in full and affected users will be given 0% fees and $100k in credits each.

— Thunder (@ThunderTerminal) December 27, 2023

Thunder Introduces Additional Security Measures

The platform also listed several measures to prevent further malicious withdrawals and access to session tokens.

Those include revoking all pre-existing connection URLs and session tokens. In addition, Thunder said that all current and future connection URLs can only be accessed and used directly from the platform’s servers.

As for the incident, the platform said that its legal team and the FBI have been contacted and are undergoing a full technical audit. It will also add 2FA immediately for withdrawals and extra security regarding session issuing.

We have taken the following actions:
– Our legal team and the FBI have been contacted.
– We are now undergoing a full, technical audit.
– We are working on adding 2FA immediately for withdrawals.
– We are adding additional security regarding session issuing.
– We know which…

— Thunder (@ThunderTerminal) December 27, 2023

Lastly, Thunder Terminal said that it knows which services the attacker used to conduct the theft and that Thunder will pursue them as aggressively as possible.