Multi-chain buying and selling platform Thunder Terminal has suffered a hacker assault, saying a malicious actor gained entry to a MongoDB connection.
In an X submit on Dec. 27, Thunder Terminal acknowledged the breach, stating that the hacker gained entry to a MongoDB connection URL.
This entry allowed the intruder to retrieve session tokens and execute withdrawals on behalf of customers.
The assault concluded at 12:20 AM UTC, Dec 27, in spite of everything session tokens and transaction signing entry have been revoked for safety causes, Thunder Terminal mentioned.
Whereas Thunder Terminal assured customers that no personal keys or wallets have been compromised, the group admitted that “lower than 1% of wallets” have been affected. The assault reportedly resulted in funds being stolen from at the very least 114 wallets.
“The exploit occurred via withdrawal requests our server thought of as approved due to leaked session tokens. We don’t retailer any personal keys, so the attacker doesn’t have entry to any wallets. Desktop wallets weren’t affected.”
Thunder Terminal
As of press time, it’s unclear, how precisely the hacker bought entry to the mission’s database. Thunder Terminal suggests that the hack could also be associated to an incident involving New York-based MongoDB. In mid-December, MongoDB detected “suspicious exercise” on its community, later confirming that hackers had infiltrated its methods “for some time period earlier than discovery.”
In response to blockchain sleuth ZachXBT, the assault transferred 86.5 ETH (value round $192,500) to Railgun, a privacy-aimed protocol that allows customers to anonymously swap cryptocurrencies and make personal transactions. The mission additionally revealed that the hacker stole over 439 SOL (round $49,160).
Initially, Thunder Terminal mentioned the assault was associated to a compromise of its third-party supplier. The group additionally mentioned “funds are protected,” including that “refunds shall be dealt with shortly.”
Nevertheless, shortly after this submit, the hacker issued a blockchain-based assertion, accusing the Thunder Group of mendacity and threatening to reveal all consumer information until the mission pays them 50 ETH in ransom.
Launched in late 2022, Thunder Terminal is a multi-chain buying and selling platform with help for Ethereum, Solana, Avalanche, and different networks.