PANews reported on September 12th that according to The Block, on-chain detective ZachXBT revealed that THORSwap has issued multiple bounty offers over the past few days to hackers who attacked a user's personal wallet. The victim may be THORChain founder John-Paul Thorbjornsen. An on-chain update on Friday indicated that returning THOR tokens would earn a reward, with no legal action taken within 72 hours. Contact information was also provided. PeckShield initially reported that the THORChain protocol had been attacked, resulting in losses of approximately $1.2 million, but later corrected the claim to be targeting user wallets. ZachXBT stated that the victim was likely John-Paul Thorbjornsen's wallet, from which North Korean hackers stole $1.35 million on Tuesday. Thorbjornsen admitted that the attack originated from a fake Zoom link sent from a friend's hacked Telegram account. He stated that his old MetaMask wallet, which had been emptied, was in another logged-out Chrome profile, with the key stored in iCloud Keychain, making it possible for the attacker to access it through a zero-day vulnerability. This reinforces his belief that threshold signature wallets are the only true defense.PANews reported on September 12th that according to The Block, on-chain detective ZachXBT revealed that THORSwap has issued multiple bounty offers over the past few days to hackers who attacked a user's personal wallet. The victim may be THORChain founder John-Paul Thorbjornsen. An on-chain update on Friday indicated that returning THOR tokens would earn a reward, with no legal action taken within 72 hours. Contact information was also provided. PeckShield initially reported that the THORChain protocol had been attacked, resulting in losses of approximately $1.2 million, but later corrected the claim to be targeting user wallets. ZachXBT stated that the victim was likely John-Paul Thorbjornsen's wallet, from which North Korean hackers stole $1.35 million on Tuesday. Thorbjornsen admitted that the attack originated from a fake Zoom link sent from a friend's hacked Telegram account. He stated that his old MetaMask wallet, which had been emptied, was in another logged-out Chrome profile, with the key stored in iCloud Keychain, making it possible for the attacker to access it through a zero-day vulnerability. This reinforces his belief that threshold signature wallets are the only true defense.