Thunder Terminal Loses $192,000 In Hacking Attack

Don’t invest unless prepared to lose all the money you invest. This is a high-risk investment, you shouldn’t expect to be protected if something goes wrong.

State-Backed Hackers Target New Victims in Ongoing Cybersecurity Attacks
State-Backed Hackers Target New Victims in Ongoing Cybersecurity Attacks

Join Our Telegram channel to stay up to date on breaking news coverage

Thunder Terminal, a popular on-chain trading platform, has suffered a hacking attack that resulted in 114 wallets being compromised.

The attacker managed to transfer 86.5 ETH ($192,000) during the incident, sending the funds to Railgun, according to an online investigator, ZachXBT.

114 Wallets Compromised, 86.5 ETH And 439 SOL Stolen

During its announcement of the incident, Thunder Terminal admitted that 114 wallets were affected by the security incident. However, it also insisted that the funds are safe.

The platform said in a post on X that no private keys were compromised before or during the exploit that occurred yesterday, December 26.

The trading platform also stated that the refunds will be handled shortly.

Although the platform noticed the attack quickly and reacted swiftly, the attacker was still able to transfer 86.5 ETH.

Following Thunder’s announcements, the attacker reacted, claiming that Thunder’s posts were “all lies.” The claim came through an on-chain note pointed out by the on-chain sleuth, ZachXBT. The address, seemingly belonging to the attacker, also left a message saying:

Also, we have all the user data. 50 ETH, and we will delete the data.

Thunder has published a separate incident report, explaining that the exploit occurred through withdrawal requests that the platform’s servers considered authorized due to leaked session tokens.

In addition to the stolen Ether, the platform admitted that around 439 SOL ($47,800) were also taken from its platform.

However, it insisted that all lost funds would be fully refunded and that affected users would not have to pay fees. Furthermore, they will receive $100k in credits each.

Thunder Introduces Additional Security Measures

The platform also listed several measures to prevent further malicious withdrawals and access to session tokens.

Those include revoking all pre-existing connection URLs and session tokens. In addition, Thunder said that all current and future connection URLs can only be accessed and used directly from the platform’s servers.

As for the incident, the platform said that its legal team and the FBI have been contacted and are undergoing a full technical audit. It will also add 2FA immediately for withdrawals and extra security regarding session issuing.

Lastly, Thunder Terminal said that it knows which services the attacker used to conduct the theft and that Thunder will pursue them as aggressively as possible.

Related News:

Newest Meme Coin ICO - Wall Street Pepe

Rating

Wall Street Pepe
  • Audited By Coinsult
  • Early Access Presale Round
  • Private Trading Alpha For $WEPE Army
  • Staking Pool - High Dynamic APY
Wall Street Pepe

Join Our Telegram channel to stay up to date on breaking news coverage

Read next

Please enter Coingecko & CoinMarketcap Api Key to get this plugin works