On-chain trading protocol Thunder Terminal experienced a security breach on Wednesday, December 27, resulting in a $240,000 loss before its team was able to regain control.
Following the exploit, Thunder reassured users about the safety of their funds. However, the hacker said the attack was not over and threatened to delete user data unless Thunder paid an additional 50 ETH ($110,000) ransom. Thunder refuted this threat, stating that no private keys or wallets were compromised.
“No private keys nor wallets were compromised… We do not store any private keys, so the attacker does not have access to any wallets,” Thunder wrote in its statement.
We have taken the following actions:
– Our legal team and the FBI have been contacted.
– We are now undergoing a full, technical audit.
– We are working on adding 2FA immediately for withdrawals.
– We are adding additional security regarding session issuing.
– We know which…
— Thunder (@ThunderTerminal) December 27, 2023
According to Thunder, the attacker obtained access to a “MongoDB connection URL” after the MongoDB company was exploited eight days earlier. This incident enabled them to breach Thunder’s data and execute withdrawals for users.
On December 18, MongoDB, a database management firm catering to clients like Adobe, eBay and the UK’s Department for Work and Pensions, reported a security incident that exposed certain customer account metadata and information. The Web3 community was concerned about Thunder Terminal’s lack of action to minimize the potential risk stemming from the MongoDB hack.
“MongoDB literally got hacked LAST WEEK—how do you not move all data and rotate everything after seeing this headline?” asked Delegate founder 0xfoobar.
The incident impacted 114 wallets on Thunder’s platform, comprising 86.5 ETH (approximately $192,000) and 439 SOL (roughly $47,800). Affected users have received notifications, with the team ensuring full refunds for the lost funds. They also promised users 0 percent fees and provided $100,000 in credits as compensation.
Thunder has notified the Federal Bureau of Investigation (FBI) of the case and is open to negotiating with the hacker for the return of stolen funds. If the negotiations fail, the platform will pursue legal action.
Thunder announced plans to add security measures, including two-factor authentication (2FA) for withdrawals. It will also conduct a thorough ‘deep clean’ with audits before resuming online operations.
After the incident, Thunder verified that none of their team members’ accounts were compromised through phishing. It also reaffirmed that the breach did not result from internal errors.
Thunder Terminal began making waves in late 2022 as a specialized trading platform facilitating swift transactions across various blockchain networks like Ethereum, Solana, Avalanche and Arbitrum. Thunder Terminal entered the market during a period marked by a surge in popularity for meme coins in the latter half of the year.
Various blockchain hacks
This case is just one of the security incidents that were reported in the crypto space this year. Cryptocurrency exchanges, frequently targeted by hackers, have witnessed similar incidents in recent months, including hacks on HTX, Bitrue, Gdac and Deribit, resulting in massive losses.
Based on a recent report by De.Fi, the decentralized finance sector suffered losses of around $1.95 billion in 2023. Ethereum was the chain most vulnerable to bad actors, losing about $1.35 billion through 170 breaches.
Blockchain security consultancy firm Mixin Network experienced the most significant attack this year. In the early morning of September 23, its cloud service provider database was breached, leading to the loss of digital assets valued at more than $200 million.
Two days after the incident, Feng Xiaodong, founder of the Mixin Network, appeared on a Twitch livestream to address customer concerns about their assets. His statement shocked the network's users: he said that Mixin could only guarantee the security of “at least half” of the assets.
In addition, Xiaodong mentioned that Mixin could only offer refunds for a maximum of 50 percent of the stolen assets. The remaining portion would be distributed to affected users as “tokenized liability claims,” with Mixin planning to repurchase these claims from customers using its future profits.