{"id":99887,"date":"2024-11-18T03:35:53","date_gmt":"2024-11-18T07:35:53","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=99887"},"modified":"2024-11-18T03:35:59","modified_gmt":"2024-11-18T07:35:59","slug":"thala-labs-recovers-25-5m-from-vulnerability","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/thala-labs-recovers-25-5m-from-vulnerability\/","title":{"rendered":"Thala Labs Recovers $25.5M From v1 Farming Vulnerability Incident"},"content":{"rendered":"\n

Thala Labs, a decentralized finance firm, has successfully recovered $25.5 million in liquidity pool tokens from its v1 farming contracts<\/a>. <\/p>\n\n\n\n

\"Thala
Thala Labs Recovers $25.5M From v1 Farming Vulnerability Incident<\/figcaption><\/figure>\n\n\n\n

Thala disclosed in a post on Nov. 16 that it had experienced a “security breach” on Nov. 15 due to an “isolated vulnerability” in its v1 farming contracts. This vulnerability enabled the hacker to extract liquidity tokens.<\/p>\n\n\n\n

Thala stated that it rapidly identified the perpetrator, halted all pertinent contracts, and froze $11.5 million in Thala-related assets.<\/p>\n\n\n\n

Thala stated, “We were able to promptly identify the exploiter with the assistance of law enforcement, Seal 911, Ogle, and others.”<\/p>\n\n\n\n

Thala reported that they were awarded a $300,000 bounty in exchange for the complete return of user assets. At the same time, crypto sleuth Ogle stated that the intruder returned the funds six hours after the incident. There was no disclosure of the attacker's identity.<\/p>\n\n\n\n

Thala emphasized that “affected users will not require any additional action, and their positions will be fully restored.”<\/p>\n\n\n\n

\"Source:
Source:\u00a0<\/em>Thala Labs<\/em>\r\n \r\n \r\n \r\n <\/g>\r\n \r\n \r\n \r\n <\/clipPath>\r\n <\/defs><\/svg><\/span><\/a><\/figcaption><\/figure>\n\n\n\n

Thala's front end is now accessible. Subsequently, Thala will implement an “extensive review” and re-audit the protocol's codebase, rendering users incapable of staking and unstaking positions.<\/p>\n\n\n\n

According to Thala's CEO, Adam Cader, the assault was related to integrating Thala with Move, a network of modular blockchains developed by Movement Labs<\/a>, as mentioned in a post on X on Nov. 16.<\/p>\n\n\n\n

\n

\u201cIt\u2019s inevitable some security issues may happen in the future on Move, but why we\u2019re all building here is for these to occur at a far far less frequency and severity and trend to 0 over time as adjacent tooling gets stronger.\u201d<\/p>\n<\/blockquote>\n\n\n\n

The Thala platform is one of the most prominent DeFi platforms on the Aptos layer-1 blockchain.<\/p>\n\n\n\n

CoinGecko reports that the THL token has experienced a 35% decline to $0.51 since the incident.<\/p>\n\n\n\n

In the exploit, approximately $2.5 million in THL tokens were stolen, while an additional $9 million was obtained from Thala's Move Dollar (MOD) stablecoin.<\/p>\n\n\n\n

DefiLlama data indicates that the total value of Thala has decreased from $240 million on Nov. 15 to $195.6 million at the time of writing.<\/p>\n\n\n\n

\"Thala
Thala protocol\u2019s change in TVL since April 2023. Source:\u00a0<\/em>DeFiLlama<\/em><\/use><\/svg><\/span><\/a><\/figcaption><\/figure>\n\n\n\n

According to CertiK, a blockchain security firm, exploits were responsible for nearly $130 million theft from victims in October.<\/p>\n\n\n\n

The lending protocol Radiant Capital <\/a>experienced the most significant incident in October, resulting in a loss of approximately $54 million.<\/p>\n\n\n\n

According to Hacken, a cybersecurity corporation, approximately $460 million was stolen from hackers in 28 incidents during the preceding three months of Q3 2024.<\/p>\n","protected":false},"excerpt":{"rendered":"

Thala Labs, a decentralized finance firm, has successfully recovered $25.5 million in liquidity pool tokens from its v1 farming contracts. Thala disclosed in a post on Nov. 16 that it had experienced a “security breach” on Nov. 15 due to an “isolated vulnerability” in its v1 farming contracts. This vulnerability enabled the hacker to extract […]<\/p>\n","protected":false},"author":12,"featured_media":99897,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[11476],"tags":[197,937,22862,22863],"class_list":["post-99887","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hacks-and-scams","tag-defi","tag-hackers","tag-thala-labs","tag-v1-farming"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2024\/11\/zz.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/99887","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=99887"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/99887\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/99897"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=99887"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=99887"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=99887"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}