The on-chain trading platform Thunder Terminal was hacked today, resulting in an unauthorized transfer of 86.5 ETH worth around $192k to Railgun. ZachXBT exposed this cyberattack on his Telegram channel, which monitors activities on blockchain networks.
Thunder Terminal issued a brief statement following the attack to alleviate its users’ concerns regarding compromising their confidential access codes. The company had guaranteed that all cash on hand would remain intact at the commencement of operations and that any losses sustained would be promptly recouped through reparation.
Thunder Terminal provided further clarification: the exploit affected only a few users, though 114 wallets out of more than 14,000. The platform stressed that the funds were now safe and explained how they had thwarted this attack within nine minutes of its onset.
ZachXBT has highlighted a note by the purported attacker, which contradicts Thunder Terminal’s statements. He accused them of disseminating lies. The message coming from the attacker was apparently sent from their address and stated that they had obtained user data, giving them 50 ETH to hand it over.
Thunder Terminal explained in detail that the breach was due to withdrawal requests that were processed as legitimate transactions because session tokens had been leaked. The platform confirmed that it had lost about 86.5 ETH and 439 SOL, amounting to some US$47,800.
Since the recent incident, Thunder Terminal has signaled its intent to refund all those who have lost funds. In addition to this compensation, affected users will also receive a 0% fee offer and $100,000 in credits. But despite inquiries from The Block, the go-to source of news and information for all things related to the crypto industry, Thunder Terminal has yet to respond with any comments or updates.
The attack at Thunder Terminal reminds us that digital trading platforms continue to face fierce battles with cyber threats, which are also becoming increasingly sophisticated. The speed of the response and Thunder Terminal’s willingness to reimburse all affected users show a keen concern for protecting user security despite difficulties in running an exchange under fluctuating market conditions.