The Thala token has experienced a 35% decline since the incident, despite the fact that the compromised funds were completely recovered.
Thala Labs, a decentralized finance firm, was able to recover $25.5 million in liquidity pool tokens that were taken from one of its agricultural contracts. The perpetrator was apprehended by law enforcement and crypto sleuths.
Thala disclosed in a post on November 16 that there had been a “security compromise” on November 15 as a result of a “isolated vulnerability” in its v1 agricultural contracts. This vulnerability enabled the intruder to extract liquidity tokens.
Thala stated that it promptly suspended all pertinent contracts and frozen $11.5 million in Thala-related assets. Additionally, it was capable of identifying the perpetrator. Thala stated, “We were able to promptly identify the exploiter with the assistance of law enforcement, Seal 911, Ogle, and others.”
After the incident, the intruder returned the funds six hours later, according to crypto investigator Ogle. Thala stated that it negotiated a $300,000 bounty with the perpetrator in exchange for the complete return of user assets. There was no disclosure of the attacker’s identity.
Thala emphasized that “affected users will not require any additional action, and their positions will be fully restored.”
Thala’s front end is now accessible. Subsequently, Thala will implement a “extensive review” and re-audit of the protocol’s codebase, which will render users incapable of staking and unstacking positions.
According to Thala’s CEO Adam Cader, the assault was related to the incorporation of Thala with Move, a network of modular blockchains developed by Movement Labs, as mentioned in a post on X on November 16.
“It is inevitable that some security issues will arise in the future on Move. However, the reason we are all constructing here is to ensure that these issues occur at a significantly lower frequency and severity, and that they trend to zero over time as adjacent tooling becomes more robust.”
The Thala platform is one of the most prominent DeFi platforms on the Aptos layer-1 blockchain. CoinGecko reports that the THL token has experienced a 35% decline to $0.51 since the incident.
In the exploit, approximately $2.5 million in THL tokens were stolen, while an additional $9 million was obtained from Thala’s Move Dollar (MOD) stablecoin.
DefiLlama data indicates that the total value of Thala has decreased from $240 million on Nov. 15 to $195.6 million at the time of writing.
According to CertiK, a blockchain security firm, nearly $130 million was stolen from victims in October, with the majority of the theft due to exploits.
The lending protocol Radiant Capital experienced the most significant incident in October, resulting in a loss of approximately $54 million.
In the preceding three months of Q3 2024, hackers stole approximately $460 million in 28 incidents, according to cybersecurity company Hacken.
Also Read: Metaplanet Issues ¥1.75 Billion Bond in a Second Attempt to Invest in Bitcoin
