What Happened In $240K Thunder Terminal Attack - Are Funds Safe?

After being attacked for $240,000 worth of funds, the Thunder Terminal platform is claiming that the funds are safe, while the hacker thinks not.

Thunder Terminal Faces $240K Exploit

On December 27, Thunder Terminal, the on-chain trading platform, confronted a significant exploit that jeopardized user wallets, resulting in a loss of approximately $240,000. The team promptly addressed the situation through a series of updates and incident reports. The platform disclosed that the exploit stemmed from a compromised third-party service, later identified as a MongoDB connection URL. 

Thunder Terminal swiftly responded to the breach, announcing on Twitter that the attack had been halted within nine minutes. Despite the severity of the incident, the platform assured users that the damage was contained, affecting only 114 out of 14,000 wallets.

User Funds Secure

In a detailed incident report issued two hours post-attack, Thunder Terminal emphasized the security of user funds. 

The report stated, 

"We do not store any private keys, so the attacker does not have access to any wallets. Desktop wallets were not affected. Less than 1% of wallets on our platform were affected as a result of this attack." 

Thunder Terminal reasserted its commitment to user security, highlighting that private keys and wallets remained uncompromised. Confirming the financial impact, the team acknowledged the loss of 86.5611512804 ETH and 439.12232317 SOL, equivalent to around $240,000. In the report, the platform pledged full refunds to affected users, coupled with 0% fees and $100,000 in credits each as a compensatory measure.

Attacker's Counterclaims on Etherscan

Thunder Terminal is a trading platform specifically designed for quick trades across several blockchain networks, including Ethereum, Solana, Avalanche, and Arbitrum. Several such trading platforms have fallen victim to similar hacks, losing user funds. 

Despite its reassurances, confusion arose when the attacker issued counterclaims on Etherscan. The assailant disputed the platform's statements as "lies" and claimed to be holding user data. They also demanded a 50 ETH ransom to delete this purportedly compromised user data. 

Thunder Terminal Responds

While Thunder Terminal did not directly address the hacker's ultimatum, it reiterated that the platform lacks access to users' private keys. The protocol claimed commitment to reinforcing security measures and expressed openness to negotiations with the attacker to reclaim the stolen funds.

Meanwhile, blockchain detective ZachXBT uncovered that the attacker transferred $192,500 to Railgun. The incident underscores the persistent challenges faced by cryptocurrency platforms in maintaining robust security protocols.

Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.