Thunder Terminal, an on-chain trading platform, confronted a recent exploit that compromised user wallets, leading to a significant loss of funds, followed by a ransom demand from the hacker. The platform confirmed the exploit occurred through a compromised MongoDB connection URL from a third-party service. Despite this breach, Thunder Terminal managed to halt the attack within nine minutes, assuring users that their funds remained secure.
The platform detailed in an incident report that no private keys or wallets had been compromised during the breach, emphasizing their non-storage of private keys. They clarified that less than 1% of wallets were affected by the attack, resulting in a loss of approximately $240,000 in ETH and SOL. Thunder Terminal assured affected users full refunds, 0% fees, and $100k in credits each as part of the remedial process. However, despite Thunder Terminal’s assurances, the attacker contested the incident report’s validity and claimed access to user data on Etherscan.
The hacker demanded a 50 ETH ransom to delete the alleged user data. While the platform has yet to respond to the demands, blockchain detective ZachXBT disclosed that the attacker transferred a substantial amount of ETH to Railgun, a privacy-centric protocol enabling anonymous transactions. This ongoing situation has caused confusion among Thunder Terminal users regarding the security of their information and funds. Stay informed on similar crypto-related breaches, such as Telcoin’s recent $1.3M exploit and the major crypto hacks of 2023, showcasing the significant losses experienced across the cryptocurrency landscape.