Holiday Havoc: Thunder Terminal Loses $240,000 in Cyberattack
As the holiday season arrives, exploiters seem to be unusually active, and this time, Thunder Terminal fell victim to their efforts, losing $240,000.
The breach resulted in losses of 86.5 Ether and 439 Solana, equivalent to $240,000, occurring within nine minutes. The hacker gained access to a “MongoDB connection URL,” leveraging it to extract session tokens and execute withdrawals from users’ wallets.
Thunder took prompt action by revoking all session token access and transaction signing, effectively mitigating the attack. The team confirmed that no private keys and user wallets were compromised while acknowledging that only 1% of wallets were impacted. The incurred losses amounted to 86.56 ETH and 439.12 SOL, totaling around $240,000 in user funds.
The platform asserted it would fully refund all lost funds and provide affected users with 0% fees and $100,000 in credits. Additionally, it has engaged its legal team and contacted the FBI. A comprehensive technical audit of the on-chain trading system is currently underway.
Thunder Terminal outlined its immediate actions, including the implementation of two-factor authentication (2FA) for withdrawals, enhancing security measures related to session issuance, and expressing intent to pursue the services utilized by the attacker.
Thunder Terminal further added that it is willing to engage in negotiations with the exploiter under the condition that they return the user funds. However, in the lack of such cooperation, the platform is determined to pursue legal action to the fullest extent within the US judicial system to address this crime.
Hacks Slow Down for the First Time Since 2020
In 2023, there was a notable decrease of over 50% in hack volumes within the crypto industry, according to TRM Labs. The majority of these incidents, accounting for approximately 60%, were identified as infrastructure attacks. Such incidents entail the theft of private keys or compromise of seed phrases, where perpetrators infiltrate the fundamental elements of a cryptocurrency system, such as servers, networks, or software, to either pilfer assets or manipulate trades.
Improved security measures, increased law enforcement actions, and greater industry collaboration with exchanges, wallet providers, and blockchain networks have managed to lessen the damage.
This marks the first instance of a decline in stolen amounts since 2020. Approximately $2 billion in crypto was pilfered by hackers through numerous cyberattacks and thefts throughout 2023.
Hot Take: Cybersecurity Challenges Remain a Concern for Crypto Platforms
The recent cyberattack on Thunder Terminal highlights the ongoing challenges that crypto platforms face in terms of cybersecurity. Despite efforts to enhance security measures and collaborate with industry stakeholders, hackers continue to exploit vulnerabilities and target user funds.
While it is encouraging to see a decline in hack volumes compared to previous years, the threat still persists. It is crucial for crypto platforms to remain vigilant and proactive in implementing robust security protocols to safeguard user assets.
As the crypto industry continues to grow and attract more users, ensuring cybersecurity becomes even more critical. Platforms must prioritize investing in advanced technologies and expertise to stay one step ahead of cybercriminals.
By
By
By
By