简体中文
繁體中文
English
Pусский
日本語
ภาษาไทย
Tiếng Việt
Bahasa Indonesia
Español
हिन्दी
Filippiiniläinen
Français
Deutsch
Português
Türkçe
한국어
العربية
Abstract:Thunder Terminal, a prominent on-chain crypto trading platform, grapples with a recent security breach resulting in the loss of substantial funds, prompting swift action and raising concerns about user data safety in the cryptocurrency landscape.
Thunder Terminal, an on-chain crypto trading platform, encountered a security breach today, resulting in the loss of 86.5 ETH (approximately $192,000) and 439 SOL (around $47,800). However, the platform assured users that no private keys were compromised and has taken measures to secure their funds.
Introduced by Eversify Labs in late 2022, Thunder Terminal facilitates swift transactions across various blockchain networks like Ethereum, Solana, Avalanche, and Arbitrum. It positions itself as an alternative to Telegram trading bots such as Unibot.
As per Thunder Terminals statement on X (previously known as Twitter), the incident impacted only 114 out of over 14,000 wallets on the platform. The company ensured the security of funds going forward and claimed to have swiftly halted the attack within nine minutes. Additionally, they intend to fully reimburse the lost funds and provide affected users with 0% fees and $100,000 in credits each.
However, the attacker disputed Thunder Terminals assertions in an on-chain message, claiming possession of user data and demanding 50 ETH as ransom for its deletion. This assertion introduces complexity, raising concerns about user data safety.
Thunder Terminals incident report identified unauthorized withdrawal requests as the exploit's cause, executed due to leaked session tokens through a MongoDB connection URL exploited by the attacker.
Addressing the breach, Thunder Terminal emphasized that only less than 1% of its users‘ wallets were affected. They confirmed that none of their team members’ accounts were compromised, and the breach did not stem from internal errors.
Jackson, Thunder Terminal‘s representative, confirmed the FBI’s active involvement in investigating the incident. The service is scheduled to resume today, with enhanced security measures in place and ongoing efforts for a comprehensive security audit. Refunds for affected users are also in the pipeline, as per Jacksons internal update.
This incident underscores the persistent cybersecurity challenges faced by on-chain trading platforms and emphasizes the critical need for robust security measures in the swiftly evolving cryptocurrency sector. Thunder Terminal‘s rapid response and commitment to reimbursing affected users demonstrate the platform’s dedication to upholding user trust and security in the aftermath of the breach.
Cryptocurrency exchanges, frequently targeted by hackers, have encountered similar incidents in recent months, including breaches at HTX, Bitrue, Gdac, and Deribit, resulting in substantial losses.
Disclaimer:
The views in this article only represent the author's personal views, and do not constitute investment advice on this platform. This platform does not guarantee the accuracy, completeness and timeliness of the information in the article, and will not be liable for any loss caused by the use of or reliance on the information in the article.
Amid ongoing efforts to recover assets for creditors of the defunct crypto exchange FTX, Sam Trabucco, former co-CEO of Alameda Research, has agreed to forfeit high-value assets, including two San Francisco properties and a yacht. According to a court filing dated 3 November, the combined value of these assets reaches approximately $11.2 million — with the properties estimated at $8.7 million and the 53-foot yacht at $2.5 million.
Tradeweb and Tokyo Stock Exchange partner to improve ETF liquidity for global investors, offering streamlined access and competitive trading in Japan’s ETF market.
Bitget Wallet and Foresight Ventures unveil a $20M fund to fuel Telegram Mini Apps, aiming to boost innovation and support developers in the TON ecosystem.
In a significant ruling, a court in The Hague has ordered the cryptocurrency exchange Binance to disclose personal information of an account holder implicated in a major dating app scam. This directive follows a case involving a Dutch woman who fell victim to a “pig butchering” scam, leading to a loss of nearly €186,000 (approximately $200,000 USD) in what she believed to be a legitimate cryptocurrency investment.