ZachXBT: THORSwap offers a bounty of over $1 million for vulnerabilities in the THORChain founder's wallet

ChainCatcher news, according to The Block, on-chain detective ZachXBT revealed that THORSwap has repeatedly issued bounty invitations to hackers who attacked a user's personal wallet in the past few days, with the victim possibly being THORChain founder John-Paul Thorbjornsen.

Latest on-chain information on Friday indicated that returning THOR tokens would yield rewards, and no legal action would be taken if returned within 72 hours, along with provided contact information. PeckShield initially stated that the THORChain protocol was attacked, resulting in a loss of approximately $1.2 million, but later corrected it to indicate that a user's personal wallet was attacked. ZachXBT claimed that the wallet attacked was likely John-Paul Thorbjornsen's, from which $1.35 million was stolen by North Korean hackers on Tuesday.

Thorbjornsen admitted that the attack originated from a fake Zoom link sent from a friend's hacked Telegram account. He stated that the emptied old MetaMask wallet was in another logged-out Chrome profile, with the keys stored in the iCloud Keychain, and that the attacker may have accessed it through a zero-day vulnerability, which reinforced his belief that threshold signature wallets are the only true means of protection.