A devastating security breach at THORSwap has resulted in the theft of approximately $1.2 million from the founder of THORChain, John-Paul Thorbjornsen (JP Thor). The attack involved a sophisticated social engineering scheme orchestrated by suspected North Korean hackers, who exploited vulnerabilities in a Telegram scam. Blockchain investigator ZachXBT played a crucial role in tracing the stolen funds. Thorbjornsen’s personal wallet, identified as starting with address 0x7Ab, was targeted, resulting in significant losses of Kyber Network tokens and THORSwap tokens. The platform is offering a public bounty for the return of the stolen assets to incentivize recovery. THORSwap CEO Paper X emphasized that no protocol-level vulnerabilities were exploited but assured the community that efforts are underway to address the situation. The company’s X (formerly Twitter) account confirmed the focus on recovering funds through an incentive program. JP Thor has strongly advised against storing sensitive information like seed phrases on cloud platforms and advocating for secure multi-device threshold signature wallets like Vultisig instead of easily compromised browser wallets. Despite concerns about wallet security, THORChain’s total value locked (TVL) remains unaffected. However, the incident raises broader questions about money laundering on the platform, as the Lazarus Group has reportedly used THORChain to anonymize stolen funds. Discussions within the community are centered around enhancing security protocols and mitigating risks associated with browser wallet extensions. Notably, prominent figures in the crypto world such as Arthur Hayes, CZ, and Vitalik Buterin have yet to publicly respond to the incident, but JP Thor’s previous comments on the value of output-based projects offer insight into the community’s resilience amidst challenges. The protocol’s continued progress on GitHub and roadmap updates underscore a commitment to resolving security concerns and navigating this crisis.