The recent theft from THORChain founder JP Thor's personal wallet prompted THORSwap to offer a reward for the recovery of stolen assets. Hackers employed a sophisticated social engineering scheme.
Cyber Attack Scheme
The theft amounted to approximately $1.2 million and involved North Korean hackers utilizing a social engineering scheme. AI was used to create a deepfake video call related to discussing investment opportunities. Blockchain investigations revealed that stolen assets included about $1.03 million in Kyber Network tokens and $320,000 in THORSwap tokens, transferred from a wallet starting with the address 0x7Ab.
THORSwap's Response and Recommendations
THORSwap CEO Paper X stated that there were no protocol-level vulnerabilities in the incident, as hackers targeted only Thor's personal wallet. In response, THORSwap offered a reward for the return of the stolen assets, suggesting the possibility for confidential negotiations with the hacker. JP Thor also strongly advised against storing seed phrases and keys on cloud platforms like iCloud and Google Drive.
Community Reaction and Future Risks
Despite the incident, on-chain data indicated no damage to THORChain's total value locked (TVL) or liquidity. However, concerns about money laundering on the platform continue. The Lazarus Group reportedly used THORChain's swap services to mix stolen funds, leading to record-high swap volumes. Ongoing discussions in the community focus on wallet security and risks associated with browser wallets.
The situation involving the $1.2 million theft from JP Thor's wallet underscores the importance of personal data protection and digital asset security, which are becoming increasingly crucial in the cryptocurrency landscape.
