THORChain Founder’s Wallet Hacked: $1.2M Stolen

The recent hack of THORChain co-founder John-Paul Thorbjornsen’s wallet has led to THORSwap issuing a public bounty for the return of over $1.2 million in stolen funds. This incident did not involve a protocol breach.

John-Paul Thorbjornsen was targeted by a sophisticated social engineering attack, involving a deepfake Zoom scam linked to a hacked Telegram account. Paper X, CEO of THORSwap, confirmed that this breach affected only a personal wallet. He stated, “No protocol has been exploited. The incident concerns a personal wallet. We are coordinating all efforts to recover the assets and assure community safety.”

The incident’s financial impact remains limited as it involved personal funds rather than project resources. The THORChain and THORSwap protocols maintain unaffected security, and the event has not resulted in any loss of protocol liquidity or staked assets.

ZachXBT, a blockchain analyst, attributed the attack to North Korean hackers with involved assets including Kyber Network and THORSwap tokens. The breach highlights vulnerabilities in personal wallet securities rather than project infrastructure.

No official commentary from regulatory bodies has been issued, as this was a personal wallet compromise rather than a protocol assault. The crypto community continues to emphasize the importance of operational security for individuals.

Potential outcomes may involve increased scrutiny of personal security practices and the adoption of enhanced protective measures such as threshold signature wallets. Blockchain analysts cite the attack’s resemblance to prior DeFi founder incidents. John-Paul Thorbjornsen mentioned, “The old wallet was stored in a logged-out Chrome profile, keys in iCloud Keychain. It’s possible a 0-day exploit accessed them. This is why I believe only threshold signature wallets are true protection.”