Thala Labs, a DeFi project on Aptos, faced a $25.5M exploit due to a vulnerability in its updated farming contract. The team halted affected contracts and froze $11.5M in native tokens to mitigate further damage.
On November 15, 2024, there was a major security breach at Thala Labs, a DeFi project in the Aptos environment. On their official Twitter account, they said that the hacker used a single weakness in the most recent version 1 of the farming contract update.
The person who did the hack was able to take $25.5 million worth of liquidity pool tokens. In response, Thala Labs stopped all contracts related to the native tokens and froze assets linked to them. These assets included $2.5 million worth of THL and $9 million worth of MOD.
Thala Labs: Quick Action Makes Sure Platform Security and User Recovery
The abuser was quickly caught with the help of law enforcement and computer experts such as Seal 911 and Ogle. A settlement was also reached. The hacker decided to return the stolen items in exchange for a $300,000 reward. This was done to make sure that all user assets would be returned.
The staff assured the customers that they don’t need to do anything else because their spots will be fully returned. Still, Thala has kept all of its contracts and shut down its front-end interface to carefully check and re-audit goods that were affected in terms of security.
This deal doesn’t change the places of current modules like CDP and LST. More reports will be sent out once the platform is thought to be completely safe.
People are still putting DeFi setups at risk, as this episode shows. On a separate note, CNF reported on a new strategy BlueNoroff, a group of North Korean hackers. The group, which went by the name “ObjCShellz,” got into macOS computers by putting malware in fake PDFs.
Attackers can use this virus as a remote shell to run orders from servers far away and take control of PCs that have been hacked. This method draws attention to the fact that cyberattacks on the crypto business are getting smarter and more complicated.
On the other hand, as we already said, hackers have returned $19.2 million worth of stolen coins to an American wallet. The money was laundered through several exchanges before it was found. This is part of a growing trend of negotiations and recovery attempts in crypto-related breaches.