The on-chain trading platform, Thunder Terminal, has declared the safety of user funds after successfully thwarting a $240,000 exploit that targeted 114 wallets on its platform. However, the hacker responsible disputes these claims, asserting that it’s ‘all lies’ and is now demanding an additional ransom for the compromised user data.
Thunder Terminal States Security of Funds Following 240K Dollars Cyber Attack
In the incident report dated December 27, Thunder Terminal reassured its users that no private keys or wallets had been compromised during the attack. The report outlined the total losses incurred, amounting to 86.5 Ether (ETH) with a value of $2,258 and 439 Solana (SOL) with a value of $112, totaling $240,000, all within a span of just nine minutes. Thunder Terminal attributed the exploit to an attacker gaining access to a ‘MongoDB connection URL,’ enabling unauthorized withdrawals on behalf of users. The incident report disclosed that the MongoDB company itself had been exploited eight days prior, leading to a breach of Thunder’s data.
Thunder Terminal Asserts Fund Security Post 240K Dollars Breach; Hacker Disputes Claim
Thunder Terminal reiterated that out of its 14,000 wallets, only 114 were compromised during the recent attack. The platform assured its users that those affected would be fully refunded, and in a gesture of goodwill, they would also receive 0% fees and $100,000 in platform credits.
Despite Thunder’s assurance that all user data was secure, a memo left by the attacker on Etherscan contradicted these claims. The exploiter dismissed Thunder’s statements as ‘all lies’ and insisted on a 50 ETH ($110,000) ransom for the allegedly compromised data.
“We have all the user data. 50 ETH, and we will delete the data,” stated the hacker.
Thunder Terminal declared its commitment to enhancing security measures and expressed willingness to negotiate with the hacker for the return of the stolen funds. While the platform did not directly address the hacker’s ultimatum, it emphasized that it lacks access to users’ private keys, making it impossible for the attacker to obtain such sensitive information.
Leave a comment