Thala Labs Investigates Exploit That Drained $25.5M
The post Thala Labs Investigates Exploit That Drained $25.5M appeared on BitcoinEthereumNews.com.
Thala Labs recovered $25.5M stolen in a breach after identifying the exploiter and negotiating a $300K bounty. Thala Labs paused contracts for security reviews after a vulnerability was exploited, ensuring full recovery for affected users. Thala Labs, a DeFi project in the Aptos ecosystem, suffered a severe security compromise on November 15, 2024. An official statement on their Twitter account claims that the hack took advantage of an isolated vulnerability in the latest farming contract update version 1. The hack let the assailant steal liquidity pool tokens worth $25.5 million. Thala Labs responded by stopping all associated contracts and freezing assets connected to their native tokens, including $2.5 million worth of THL and $9 million worth of MOD. Important Announcement On November 15th 2024, Thala suffered a security breach as a result of an isolated vulnerability in the latest update to v1 farming contracts, allowing the exploiter to withdraw liquidity pool tokens totaling $25.5m. We immediately paused all relevant… — Thala (@ThalaLabs) November 16, 2024 Thala: Swift Action Ensures User Recovery and Platform Security Quick cooperation with law enforcement and cybersecurity professionals like Seal 911 and Ogle helped the exploiter be found and a settlement arrived. To guarantee complete recovery of all user assets, the hacker agreed to return the pilfers in exchange for a $300,000 bounty. Affected customers will have their places restored in whole, so the staff affirmed that no more action is needed from them. Still, Thala has maintained all pertinent contracts and stopped its frontend interface to thoroughly check and re-audit impacted products in security. Current modules like CDP and LST positions are not changed by this compromise. Once the platform is judged to be absolutely safe, more updates will be given. This episode draws attention to the ongoing risks aimed at DeFi systems. Separately, CNF…
Filed under: News - @ November 17, 2024 7:18 am