Thunder Terminal, an on-chain trading platform, was hit by an exploit that compromised 114 user wallets and stole $240,000 worth of crypto. The hacker demanded a ransom for the user data, but Thunder Terminal denied the claim and offered refunds and compensation to the affected users.
Thunder Terminal, a platform that allows users to trade crypto assets on various blockchains, faced a security breach on December 27 that resulted in the loss of $240,000 worth of crypto. The hacker exploited a vulnerability in the platform’s MongoDB database and accessed a connection URL that enabled them to withdraw 86.5 Ether and 439 Solana from 114 user wallets in just nine minutes.
The trading platform issued an incident report detailing the attack and its aftermath. The platform stated that the exploit was linked to a previous MongoDB attack that occurred eight days before the incident and that it had taken immediate actions to stop the hacker and secure the platform.
Thunder Terminal assured its users that no private keys or wallets were compromised in the attack and that the hacker only managed to steal a small portion of the platform’s funds. The platform also announced that it would fully refund all the affected users, as well as offer them 0% fees and $100,000 in platform credits as a gesture of apology.
Thunder Terminal emphasized its commitment to security and user protection and said it would take extra measures to prevent similar incidents. The platform also thanked its community for their support and understanding.
However, the hacker disputed Thunder Terminal’s claims and demanded a ransom for the user data that they allegedly possessed. In a message posted on Etherscan, the hacker accused Thunder Terminal of lying and asked for 50 ETH, or $110,000, to delete the user data. The hacker also claimed they had access to all the user data, including private keys, passwords, and personal information.
Thunder Terminal did not directly respond to the hacker’s demand but reiterated that it could not access users’ private keys, implying that the hacker’s claim was false. The platform also expressed willingness to negotiate with the hacker to recover the stolen funds, showing its dedication to peacefully resolving the situation.
According to Etherscan data, the hacker has already moved some of the stolen funds to another destination. The hacker sent 86.3 ETH to the Railgun protocol, a service that provides anonymity and privacy for transactions on the blockchain. The hacker may have used this service to hide their identity and evade detection.
The fate of the remaining funds and the user data is still unknown, as the hacker has not made any further communication. Thunder Terminal is working hard to enhance its security and restore its reputation, while the crypto community is watching closely for any new developments.
