On Wednesday, December 27, the prominent on-chain trading platform Thunder Terminal was hit by a major exploit that resulted in the loss of a substantial amount of funds. In a blog post, the Thunder group regretted that the attackers launched a malicious attack on its platform, siphoning approximately $240000 from 114 digital wallets.
Following the attack, the Thunder group took decisive action to investigate the matter. In their finding, the trading platform confirmed that the attackers heisted 86.5 Ether (ETH), and 439 Solana (SOL), amounting to around $240,000.
Hackers Steal $240,000 From Thunder Terminal
The probing team noted that the exploit took the shortest time possible. In their estimation, the Thunder group claimed that the hacker only took 9 minutes to launch the malicious attack.
In a subsequent report, the Thunder team confirmed that the remaining customer’s funds were safe since no private keys or wallets were compromised. After analyzing the severity of the attack, the Thunder team noted that the hackers launched a MongoDB connection URL to gain access to the customer’s accounts.
In a December 22 report, MongoDB was hit by a major security breach that resulted in the loss of customers’ data. Based on the nature of the MongoDB attack, the Thunder team suspect that the same hacking group launched the exploit.
The report revealed that after gaining unauthorized access to the Thunder platform, the hackers withdrew assets from customers’ funds. In the report, the company regretted that the attackers breached 114 wallets out of the 14,000 addresses on the Thunder platform.
Hackers Threats to Leak Thunder Customer Data
Following the December 27 attack, the Thunder team has been contemplating ways to refund the affected customers. After a lengthy meeting, the Thunder group confirmed plans to repay the hack victims.
The repayment plan will involve 0% fees, and $100,000 credits will be deposited on the platform. In the internal memo, the Thunder team assured the customers that the technical team had deployed adequate security measures to ensure the remaining amount was safe.
According to Etherscan, the hackers left a message that claimed that the Thunder memo was pure lies. The hackers stated that the assurance Thunder provided to the hack victims was a lie.
The hacker’s message created mixed reactions among the crypto community, who demanded to know the safety of customers’ data.
Thunder Agrees to Negotiate with the Hackers
Even though the Thunder team claimed that the customers’ funds and company data were out of danger, the hackers issued threats and demanded a $110,000 ransom for the user’s confidential data.
This implies that besides heisting multi-million dollars from Thunder, the hackers escaped with sensitive customer data. In the message, the hackers claimed to have all the user data and threatened to disclose the information to the public.
The disclosure of customers’ sensitive information could lead to ethical implications. To avoid this, the hackers demanded the Thunder team for 50 Ether to delete the information.
In response to the hackers’ ransom demand, the Thunder team confirmed taking additional security measures to shield the protocol from external attacks. The troubled trading platform plans to engage in intense negotiation with the hackers in a bid to return the stolen funds.
Based on the security tools on the Thunder trading platform, the company confessed that it does not have access to the customer’s private keys. This implies that there would be no way the hackers would gain access to the user data.
Elsewhere, the probing team noted that after the hackers stole the 86.5 Ether, the transaction was anonymized through the Railgun protocol. Since the inception of the Thunder Terminal, the company complained that the December 22 hack incident was the first sophisticated exploit the trading platform suffered.
For nearly two years, the Thunder team has provided crypto users with quick trade options and supported the buying and selling of digital assets across multiple blockchain networks. Last year, Thunder gained popularity after it emerged as the Telegram trading bots’ top rival.
Tokenhell produces content exposure for over 5,000 crypto companies and you can be one of them too! Contact at firstname.lastname@example.org if you have any questions. Cryptocurrencies are highly volatile, conduct your own research before making any investment decisions. Some of the posts on this website are guest posts or paid posts that are not written by Tokenhell authors (namely Crypto Cable , Sponsored Articles and Press Release content) and the views expressed in these types of posts do not reflect the views of this website. Tokenhell is not responsible for the content, accuracy, quality, advertising, products or any other content or banners (ad space) posted on the site. Read full terms and conditions / disclaimer.