Thala recovers $25M in stolen assets following security breach

Thala, a decentralized finance (DeFi) protocol, has successfully recovered approximately $25 million in stolen assets following a significant security breach. The exploit targeted an isolated vulnerability in the protocol’s latest v1 farming contract update, compromising liquidity pool tokens worth $25.5 million.

The attacker exploited a flaw in Thala’s farming contracts, accessing funds from liquidity pools. In response to the breach, Thala took immediate action by pausing all affected contracts and freezing $9 million in Move Dollar (MOD) tokens and $2.5 million in its native asset, THL.

Thala collaborated with law enforcement and blockchain security experts, including Seal 911 and Olga, to track the attacker. The negotiation process with the identified exploiter culminated in a $300,000 bounty, facilitating the return of the stolen funds. Thala assured its users that their positions would be fully restored and that no additional steps would be required from them.

In the aftermath of the incident, Thala has initiated a comprehensive review and re-audit of its protocols to bolster security and safeguard against future vulnerabilities. The team has emphasized its commitment to ensuring user security and maintaining the integrity of its platform.

Despite the successful recovery of assets, the breach has negatively impacted the value of THL, Thala’s governance token. The token, which enables holders to participate in the ecosystem’s decision-making, has fallen sharply to $0.53, a 42% decline from its November high of $0.94.