fxs_header_sponsor_anchor

Crypto hack: Ethereum, Solana DeFi trading platform Thunder exploited for $239,000

|ByAaryamann Shrivastava

  • Thunder team confirmed the exploit on X, stating that 86 ETH and 439 SOL were lost in the attack.
  • The hacker stated that they held user data regarding private keys and that they intended to delete it.
  • The Thunder team stated no keys or wallets are stored by the protocol, hence making the threat irrelevant.

The team also assured affected users that their funds would be refunded and that they would be given 0% fees.

The crypto market witnessed another hack before the year ended as trading platform Thunder confirmed an exploit on December 27. The DeFi protocol running on Ethereum, Solana, and other chains has been threatened by the exploiter of potentially deleting users’ private keys’ data, although the team denied the possibility, reassuring the safety of assets.

Crypto trading protocol Thunder hacked

Crypto trading protocol Thunder took to X, formerly Twitter, to confirm a suspected exploit on December 27. The team addressed the suspicious withdrawals that began early in the morning and put a halt to the same in the next nine minutes.

The hacker still managed to steal 86.5 ETH and 439 SOL, collectively worth over $239,000. According to Thunder, the exploiter managed to gain access to a MongoDB connection URL, which they used to pull session tokens and execute withdrawals on behalf of users.

While the team behind the protocol stated that 114 out of the 14,000 wallets on the platform were affected, the exploiter noted that they held the user data concerning private keys and intended to delete them.

Thunder exploiter’s threat

This threat was discredited by the Thunder team, which stated,

“No private keys nor wallets were compromised…We do not store any private keys, so the attacker does not have access to any wallets. Desktop wallets were not affected. Less than 1% of wallets on our platform were affected as a result of this attack.

Furthermore, the team stated that they are already communicating with the Federal Bureau of Investigation (FBI) and are willing to negotiate with the exploiter, failure of which would lead to them taking legal action.

Lastly, users were reassured of the safety of their assets, and the ones affected were notified with the team claiming that the lost funds would be refunded in full and the users would be given 0% fees and $100,000 in credits.

The Thunder exploit could be the last exploit of 2023, which has already seen the theft of more than $2 billion worth of assets, with the largest attack witnessed by blockchain security consultancy firm Mixin Network, resulting in the loss of over $200 million worth of digital assets.

Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers.

RELATED CONTENT

Loading ...

Copyright © 2024 FOREXSTREET S.L., All rights reserved.