THORSwap Offers $1,2 Million Bounty After Hack
- THORSwap proposes a reward to recover stolen funds
- THORChain Founder Lost $1,35 Million in Attack
- PeckShield confirms protocol has not been compromised
DEX aggregator THORSwap announced an onchain bounty offering to recover funds following the exploitation of a personal wallet linked to the THORChain ecosystem. According to PeckShield, the loss was estimated at approximately $1,2 million.
On-chain detective ZachXBT pointed out that the victim of the attack is likely John-Paul Thorbjornsen, founder of THORChain. He reportedly lost approximately $1,35 million in a scam linked to North Korean hackers. "Bounty offer: Return $THOR as a reward. Contact or with the THORSwap Discord to get an OTC offer,” the message sent to the attacker The note added: “No legal action will be taken if the amount is returned within 72 hours.”
Initially, PeckShield signaled that the incident could be related to the protocol itself. However, after clarification from the team, it was confirmed that the exploit only affected one user's personal wallet. "This incident involved a user's personal wallet being exploited and is not related to THORChain," the project team stated. The CEO, known as "Paper X," reinforced that neither THORChain nor THORSwap were compromised.
Hey @imcryptofreak , this incident involved a user's personal wallet being exploited, and is not related to @THORChain . Time to pin your post. 🤓
— THORChain (@THORChain) September 12, 2025
According to Thorbjornsen, the attack began when he received a message from a friend on Telegram, whose account had been hacked. The malicious link, disguised as an invitation to a Zoom meeting, led to the compromise of an old MetaMask account stored in a Chrome profile and synced with iCloud Keychain. He noted that the attackers may have used a zero-day exploit, highlighting the importance of multi-signature wallets as a more secure alternative.
ZachXBT detailed that the hackers siphoned approximately $1,03 million in Kyber Network tokens and another $320 in THORSwap assets. The funds were sent to an address identified as "Exploiter 6," where the reward messages were also received. Some of the funds had already been converted to ETH at an address beginning with "0x7Ab," according to onchain tracking.
The case reinforces the growing use of onchain rewards as a trading mechanism to recover funds lost in attacks targeting the cryptocurrency sector.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
AiCoin Daily Report (September 11)
Cboe to debut bitcoin and ether Continuous futures in November
Cboe Futures Exchange aims to introduce long-dated crypto contracts under US regulatory oversight
The Internet is building a native financial system, and the key to success or failure still lies in user experience.
Infrastructure provision is possible, but user experience wins everything.
Why are perpetual contracts inevitably part of general-purpose blockchains?
The future trend is that perpetual contracts (and all "killer applications") will make leading general-purpose blockchains even more powerful.
Trending news
MoreCrypto prices
More
