Thala Labs has successfully recovered $25.5 million that was stolen from users after a cyber attack. Through operational negotiations with the hacker, all assets were restored, marking a significant achievement in cybersecurity.
The incident, which took place on November 15, was a result of a vulnerability in updating V1 contracts for farming on the Thala project’s decentralized financial platform in the Move programming language. The exploit allowed the attacker to remove $25.5 million from liquidity bullets, leading the platform to suspend related contracts and freeze tokens worth $11.5 million.
To identify the attacker, Thala enlisted the help of law enforcement agencies, SEAL 911, and OGLE specialists during the investigation. A ransom of $300,000 was agreed upon, enabling the return of the stolen assets and ensuring full compensation for affected users.
Thala assured users that their positions would be completely restored without requiring any additional actions. However, all contracts and the platform interface will remain frozen until a thorough safety check is conducted.
To prevent similar incidents in the future, Thala Labs will conduct a second audit of the entire code and affected modules. Despite the security breach, existing positions on the CDP and LST modules remain unaffected and operational as usual.
The Thala platform, which launched on the Layer 2 Ethereum blockchain earlier this year, has maintained its reputation as a reliable decentralized finance (Defi) platform. By utilizing smart contracts and decentralized systems, Thala provides financial services without the need for traditional financial institutions like banks or exchanges.