Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
DeFi protocol Thala recovers $25 million following successful hacker negotiation

DeFi protocol Thala recovers $25 million following successful hacker negotiation

The BlockThe Block2024/11/15 16:00
By:The Block

Quick Take The DeFi protocol Thala successfully recovered over $25 million drained from its liquidity pools by a hacker after a successful negotiation led the hacker to accept a $300,000 bug bounty, the protocol announced. The Aptos-based protocol, which paused certain operations, is now reviewing and re-auditing its codebase.

DeFi protocol Thala recovers $25 million following successful hacker negotiation image 0

The Aptos-based decentralized protocol Thala suffered an exploit on Friday that saw a hacker drain about $25.5 million in tokens from its liquidity pools. 

Luckily, with the help of theft recovery groups SEAL 911 and Ogle Security Group, Thala was able to negotiate with the hacker for the return of the funds in exchange for a $300,000 bug bounty, the protocol announced on X. 

"Affected users require no further action, and positions will be made 100% whole. However, all relevant contracts and the Thala frontend will remain paused until deemed to be fully secure," the protocol stated . 

A member of SEAL 911 said the recovery was surprisingly straightforward after the group made contact with the hacker. 

"[SEAL 911] identified the white hat hacker within minutes (i.e. name, location etc.) due to obvious onchain links. Fortunately, the white hat hacker reached out themselves a little bit later and returned the funds minus a bounty themselves," SEAL 911 member @pcaversaccio said. "It was a very easy win in that case, since no real negotiation was needed." 

Thala Labs provides an automated market maker and a yield-bearing stablecoin for the Aptos ecosystem known as the Move Dollar (MOD), named after Aptos' programming language. The protocol has the fourth-highest total value locked (TVL) of any DeFi protocol on Aptos, according to DefiLlama data . The hacker stole $9 million worth of MOD tokens and $2.5 million worth of Thala's native governance token, THL, which the protocol was able to freeze. 

While the protocol recently announced its ThalaSwap V2 product , the vulnerability was in the protocol's v1 contracts.

"Thala was lucky in this case nonetheless to have had a good guy to return the funds," @pcaversaccio said. "I want to emphasize: very lucky."


0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!