Thala Recovers $25.5 Million in Stolen Funds After Cyberattack

Thala has successfully recovered $25.5 million in stolen user funds following a cyberattack. Through swift negotiations with the hacker, the platform managed to reclaim the entirety of the assets.

The Thala project, renowned for its decentralized finance platform built on the Move programming language, confirmed that the incident occurred on November 15 due to a vulnerability in the v1 farming contract update. The exploit enabled the attacker to drain $25.5 million from liquidity pools, prompting the platform to suspend all related contracts and freeze $11.5 million worth of tokens.

During the investigation, Thala collaborated with law enforcement agencies and cybersecurity experts from Seal 911 and Ogle to identify the perpetrator. A settlement of $300,000 was ultimately agreed upon, facilitating the return of the stolen funds and ensuring full restitution to affected users.

Thala reassured its users that no additional actions are required on their part, as all positions will be fully restored. However, all contracts and the platform interface will remain frozen until comprehensive security checks are completed.

To reinforce its reliability, Thala Labs will conduct a thorough audit of all code and affected modules to prevent similar incidents in the future. Existing positions in the CDP and LST modules remain intact and continue to operate as normal.

Launched on the Ethereum Layer 2 blockchain in March of this year, the platform has established itself as a trusted DeFi project, enabling users to borrow Move Dollar and provide liquidity through an automated market maker.

The development team is actively analyzing its systems to enhance security and has pledged to provide further updates as the verification processes conclude.