According to CryptoPotato, Thunder Terminal, an on-chain trading platform, recently fell victim to hackers, losing $240,000. The breach resulted in losses of 86.5 Ether and 439 Solana, equivalent to $240,000, occurring within nine minutes. The platform initially detected suspicious withdrawals from user wallets at 12:11 AM UTC on December 27. The hacker gained access to a “MongoDB connection URL,” leveraging it to extract session tokens and execute withdrawals from users’ wallets.
Thunder Terminal took prompt action by revoking all session token access and transaction signing, effectively mitigating the attack. The team confirmed that no private keys and user wallets were compromised while acknowledging that only 1% of wallets were impacted. The platform asserted it would fully refund all lost funds and provide affected users with 0% fees and $100,000 in credits. Additionally, it has engaged its legal team and contacted the FBI. A comprehensive technical audit of the on-chain trading system is currently underway.
In 2023, there was a notable decrease of over 50% in hack volumes within the crypto industry, according to TRM Labs. The majority of these incidents, accounting for approximately 60%, were identified as infrastructure attacks. Such incidents entail the theft of private keys or compromise of seed phrases, where perpetrators infiltrate the fundamental elements of a cryptocurrency system, such as servers, networks, or software, to either pilfer assets or manipulate trades. However, improved security measures, increased law enforcement actions, and greater industry collaboration with exchanges, wallet providers, and blockchain networks have managed to lessen the damage. In fact, this marks the first instance of a decline in stolen amounts since 2020, as per De.FI, a Web3 security firm. Its report revealed that approximately $2 billion in crypto was pilfered by hackers through numerous cyberattacks and thefts throughout 2023.