THORSwap Offers $1,2 Million Bounty After Hack
- THORSwap proposes a reward to recover stolen funds
- THORChain Founder Lost $1,35 Million in Attack
- PeckShield confirms protocol has not been compromised
DEX aggregator THORSwap announced an onchain bounty offering to recover funds following the exploitation of a personal wallet linked to the THORChain ecosystem. According to PeckShield, the loss was estimated at approximately $1,2 million.
On-chain detective ZachXBT pointed out that the victim of the attack is likely John-Paul Thorbjornsen, founder of THORChain. He reportedly lost approximately $1,35 million in a scam linked to North Korean hackers. "Bounty offer: Return $THOR as a reward. Contact or with the THORSwap Discord to get an OTC offer,” the message sent to the attacker The note added: “No legal action will be taken if the amount is returned within 72 hours.”
Initially, PeckShield signaled that the incident could be related to the protocol itself. However, after clarification from the team, it was confirmed that the exploit only affected one user's personal wallet. "This incident involved a user's personal wallet being exploited and is not related to THORChain," the project team stated. The CEO, known as "Paper X," reinforced that neither THORChain nor THORSwap were compromised.
Hey @imcryptofreak , this incident involved a user's personal wallet being exploited, and is not related to @THORChain . Time to pin your post. 🤓
— THORChain (@THORChain) September 12, 2025
According to Thorbjornsen, the attack began when he received a message from a friend on Telegram, whose account had been hacked. The malicious link, disguised as an invitation to a Zoom meeting, led to the compromise of an old MetaMask account stored in a Chrome profile and synced with iCloud Keychain. He noted that the attackers may have used a zero-day exploit, highlighting the importance of multi-signature wallets as a more secure alternative.
ZachXBT detailed that the hackers siphoned approximately $1,03 million in Kyber Network tokens and another $320 in THORSwap assets. The funds were sent to an address identified as "Exploiter 6," where the reward messages were also received. Some of the funds had already been converted to ETH at an address beginning with "0x7Ab," according to onchain tracking.
The case reinforces the growing use of onchain rewards as a trading mechanism to recover funds lost in attacks targeting the cryptocurrency sector.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Litecoin, HBAR ETFs by Canary Capital Triumph in Vital Nasdaq Listing Stage
Amidst a Favorable Regulatory Climate, Canary Capital Advances in the Crypto ETF Space with Litecoin and HBAR Filings
Explosive Interest in MegaETH Layer-2 ICO: $360M Pledged in Mere Minutes
Final Allocations to be Determined by Community Engagement Metrics, Following Rapid Oversubscription
Massive Buybacks Lead to 1.29B PUMP Withdrawal from Pump.fun Rally
Whale Sparks Market Activity by Withdrawing Over a Billion Tokens as Pump.fun's Buybacks Surpass $150 Million
BlackRock, Goldman Sachs Among 100+ Participants in Circle’s Arc Public Testnet Launch
Unveiling Arc: A New Blockchain Utilizing USDC as Native Gas Token with Major Tech and Financial Giants in the Testing Phase
Trending news
MoreCrypto prices
More
