Thunder Terminal lost around $244,000 worth of crypto as hackers accessed a MongoDB connection URL. The decentralized exchange has promised users that the funds will be refunded. However, the hackers are demanding additional ransom.
Hackers are proactively looking for loopholes in crypto projects to exploit the funds. Projects with significant total value locked (TVL) can risk losing the funds due to the slightest technical mistake.
Hackers Claim That Thunder Terminal is Lying
In the first instance, Thunder Terminal declared that the hack had occurred because a third-party service that they were using was compromised. It also claimed that the funds were safe.
Later, Thunder Terminal wrote a detailed incident report clarifying that they had stopped the hack in less than nine minutes. It explained:
“A malicious actor got access to a MongoDB connection URL which they used to pull session tokens and execute withdrawals on behalf of users.
The MongoDB company was exploited 8-days ago and both data and customer account details were leaked as a result.”
MongoDB is a database service.
The Thunder Terminal team shared that the hackers stole around 86.56 Ethereum (ETH) and 439.12 Solana (SOL). As of writing, the approximate market value of these assets is around $244,000. The team also assured a refund.
On the flip side, the hackers claim that the Thunder Terminal team is lying. Through an on-chain message, the hackers demanded a ransom of 50 ETH and wrote:
“All lies. Also we have all the user data. 50 ETH and we will delete the data.”
On Tuesday, BeInCrypto reported that the Decentralized Finance (DeFi) project Telcoin lost around $1.3 million to hackers. In 2023, the bad actors have stolen more than $1.7 billion.
However, global law enforcement agencies are ramping up efforts to tackle crypto crimes. They are being trained with the necessary tools for the succesful investigation of on-chain crimes.
Do you have anything to say about Thunder Terminal hackers or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTok, Facebook, or X (Twitter).
For BeInCrypto’s latest Bitcoin (BTC) analysis, click here.