Thunder Terminal Got Hacked, 86 ETH and 439 SOL Lost

Last Updated:
Hackers Steal Data From Bitcoin ATM
  • On-chain trading platform Thunder Terminal was hacked with 86 ETH and 439 SOL on December 27.
  • The exchange reassured customers that neither private keys nor wallets were compromised.
  • Hackers demanded 50 ETH, or else they would delete all user data they claimed to possess.

On-chain trading platform Thunder Terminal announced that the funds are safe after the exchange got hacked with 86 ETH and 439 SOL. Hackers, however, claimed that they had all the users’ data and were demanding 50 ETH or else they would delete it. 

On December 27, Thunder shared that at 12:11:47 AM (UTC), suspicious withdrawals started to happen while a malicious actor got access to a MongoDB connection URL. MongoDB is a cloud database provider. The hackers reportedly used the URL to pull session tokens and execute withdrawals on behalf of the trading platform users. 

Thunder claimed that it had managed to stop the malicious act in nine minutes, saying, “At 12:20:35 AM UTC, the last malicious withdrawal happened.” Thunder stated that all session tokens and all kinds of access to transaction signing were revoked for security reasons. 

The exchange reassured customers that neither private keys nor wallets were compromised. Additionally, they explained that the exploit happened through withdrawal requests that their server considered authorized due to the leaked session tokens. Thunder said:

We do not store any private keys, so the attacker does not have access to any wallets. Desktop wallets were not affected. Less than 1% of wallets on our platform were affected as a result of this attack.

Interestingly, the hackers claimed that the funds weren’t safe and the private keys were compromised. As an input data message in the Ethereum transaction hash, the hackers said, “All lies. Also, we have all the user data. 50 ETH and we will delete the data.”

The amount lost from the incident was 86.5611512804 ETH and 439.12232317 SOL, according to Thunder. Moreover, the on-chain trading platform stated that all lost funds will be refunded in full, and affected users will be given 0% fees and $100K in credits each. 

Furthermore, Thunder stated that they have taken measures to prevent further malicious withdrawals and future access to session tokens. 

Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.

CoinStats ad

Latest News