DeFi protocol Thala recovers $25 million following successful hacker negotiation
Quick Take
- The DeFi protocol Thala successfully recovered over $25 million drained from its liquidity pools by a hacker after a successful negotiation led the hacker to accept a $300,000 bug bounty, the protocol announced.
- The Aptos-based protocol, which paused certain operations, is now reviewing and re-auditing its codebase.
The Aptos-based decentralized protocol Thala suffered an exploit on Friday that saw a hacker drain about $25.5 million in tokens from its liquidity pools.
Luckily, with the help of theft recovery groups SEAL 911 and Ogle Security Group, Thala was able to negotiate with the hacker for the return of the funds in exchange for a $300,000 bug bounty, the protocol announced on X.
"Affected users require no further action, and positions will be made 100% whole. However, all relevant contracts and the Thala frontend will remain paused until deemed to be fully secure," the protocol stated.
A member of SEAL 911 said the recovery was surprisingly straightforward after the group made contact with the hacker.
"[SEAL 911] identified the white hat hacker within minutes (i.e. name, location etc.) due to obvious onchain links. Fortunately, the white hat hacker reached out themselves a little bit later and returned the funds minus a bounty themselves," SEAL 911 member @pcaversaccio said. "It was a very easy win in that case, since no real negotiation was needed."
Thala Labs provides an automated market maker and a yield-bearing stablecoin for the Aptos ecosystem known as the Move Dollar (MOD), named after Aptos' programming language. The protocol has the fourth-highest total value locked (TVL) of any DeFi protocol on Aptos, according to DefiLlama data. The hacker stole $9 million worth of MOD tokens and $2.5 million worth of Thala's native governance token, THL, which the protocol was able to freeze.
While the protocol recently announced its ThalaSwap V2 product, the vulnerability was in the protocol's v1 contracts.
"Thala was lucky in this case nonetheless to have had a good guy to return the funds," @pcaversaccio said. "I want to emphasize: very lucky."
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2024 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.