THORSwap Offers $1,2 Million Bounty After Hack
- THORSwap proposes a reward to recover stolen funds
- THORChain Founder Lost $1,35 Million in Attack
- PeckShield confirms protocol has not been compromised
DEX aggregator THORSwap announced an onchain bounty offering to recover funds following the exploitation of a personal wallet linked to the THORChain ecosystem. According to PeckShield, the loss was estimated at approximately $1,2 million.
On-chain detective ZachXBT pointed out that the victim of the attack is likely John-Paul Thorbjornsen, founder of THORChain. He reportedly lost approximately $1,35 million in a scam linked to North Korean hackers. "Bounty offer: Return $THOR as a reward. Contact or with the THORSwap Discord to get an OTC offer,” the message sent to the attacker The note added: “No legal action will be taken if the amount is returned within 72 hours.”
Initially, PeckShield signaled that the incident could be related to the protocol itself. However, after clarification from the team, it was confirmed that the exploit only affected one user's personal wallet. "This incident involved a user's personal wallet being exploited and is not related to THORChain," the project team stated. The CEO, known as "Paper X," reinforced that neither THORChain nor THORSwap were compromised.
Hey @imcryptofreak , this incident involved a user's personal wallet being exploited, and is not related to @THORChain . Time to pin your post. 🤓
— THORChain (@THORChain) September 12, 2025
According to Thorbjornsen, the attack began when he received a message from a friend on Telegram, whose account had been hacked. The malicious link, disguised as an invitation to a Zoom meeting, led to the compromise of an old MetaMask account stored in a Chrome profile and synced with iCloud Keychain. He noted that the attackers may have used a zero-day exploit, highlighting the importance of multi-signature wallets as a more secure alternative.
ZachXBT detailed that the hackers siphoned approximately $1,03 million in Kyber Network tokens and another $320 in THORSwap assets. The funds were sent to an address identified as "Exploiter 6," where the reward messages were also received. Some of the funds had already been converted to ETH at an address beginning with "0x7Ab," according to onchain tracking.
The case reinforces the growing use of onchain rewards as a trading mechanism to recover funds lost in attacks targeting the cryptocurrency sector.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bitwise Launches Solana Staking ETF on NYSE Offering Direct SOL Exposure and Staking Rewards
Democrat Ro Khanna Proposes Crypto and Stocks Trading Ban for Elected Officials
AI Agents Can Now Access Wallets—Is It Safe?
AI agents may soon control crypto wallets via Coinbase’s x402 protocol. Is this the future, or a security risk?What Is the x402 Protocol?Safety Concerns and Questions
Markets Expect Fed Rate Cut This Wednesday
Traders price in a 97.8% chance of a 25bps Fed rate cut this Wednesday, according to CME data.Why This Matters for Crypto and StocksLooking Ahead to Wednesday’s Fed Meeting
Trending news
MoreCrypto prices
More
