Decentralized finance firm Thala Labs recovered $25.5 million of liquidity pool tokens stolen from one of its farming contracts after the hacker was tracked down by law enforcement and crypto sleuths.
In a post on Nov. 16, Thala revealed it had suffered a “security breach” on Nov. 15 due to an “isolated vulnerability” related to its v1 farming contracts, which allowed the hacker to withdraw liquidity tokens.
Thala said it immediately paused all relevant contracts and froze $11.5 million worth of Thala-related assets and was able to identify the hacker. “With the help of law enforcement, Seal 911, Ogle, and others, we were able to quickly identify the exploiter,” Thala said.
The hacker handed the funds back six hours after the incident, crypto sleuth Ogle said. Thala said it negotiated a $300,000 bounty with the hacker in exchange for the full return of user assets. Details of the attacker’s identity weren’t disclosed.
Thala stressed that “affected users require no further action, and positions will be made 100% whole.”
Access to Thala’s front end is live again. However, farming is still paused and users are unable to stake and unstake positions until Thala conducts an “extensive review” and re-audit of the protocol’s codebase.
“It’s inevitable some security issues may happen in the future on Move, but why we’re all building here is for these to occur at a far far less frequency and severity and trend to 0 over time as adjacent tooling gets stronger,” Thala’s CEO Adam Cader noted in a Nov. 16 X post.
Thala is one of the most prominent DeFi platforms on the Aptos layer-1 blockchain.
The THL token has tanked about 35% to $0.51 since the incident occurred, according to CoinGecko.
About $2.5 million worth of THL tokens were stolen in the exploit, while another $9 million came from Thala’s Move Dollar (MOD) stablecoin.
Related: M2 crypto exchange hacked for $13M, user funds already restored
Meanwhile, the total value locked on Thala fell from $240 million on Nov. 15 to $195.6 million at the time of writing, DefiLlama data shows.
Almost $130 million was snatched from victims in October, with the bulk coming from exploits, blockchain security firm CertiK reported.
The biggest incident in October involved lending protocol Radiant Capital, which lost about $54 million.
About $460 million was stolen by hackers across 28 incidents in the preceding three months in Q3 2024, according to cybersecurity company Hacken.
Magazine: Meet the hackers who can help get your crypto life savings back