The Thala platform announced that the incident was caused by a vulnerability in the farming smart contracts of the old v1 version. The exploit allowed the hacker to withdraw tokens worth $25.5 million. After identifying the attack, Thala quickly suspended all affected contracts and froze $9 million in MOD and $2.5 million in THL to prevent further losses.
The Thala team turned for help to SEAL 911 and Ogle Security Group, which specialize in the return of stolen crypto assets. These groups established the hacker's identity, including his address, in a matter of minutes. Through negotiations, the developers secured the return of the stolen funds: the attacker agreed to return everything stolen, keeping $300,000 as a reward for identifying the vulnerability.
According to the platform, users affected by the incident will not need to take any action to recover funds. All assets will be fully compensated. However, until a thorough security audit is completed, the functionality of the affected contracts and the Thala interface will remain temporarily frozen.
Thala Labs provides products such as an automated market maker and the Move Dollar (MOD) stablecoin, designed for the Aptos ecosystem. According to DefiLlama, Thala ranks fourth by total value locked (TVL) among all DeFi protocols running on Aptos.
It is worth noting that such incidents are not uncommon in the DeFi world. For example, in February of this year, the Seneca protocol suffered an attack that led to the loss of $6.4 million in ether due to an error in a smart contract. In that case the hacker also agreed to return a significant portion of the stolen funds, about 80%, keeping $1.2 million as a reward.