On Nov. 15, 2024, Thala Labs, a DeFi protocol on the Aptos blockchain, faced a significant hack. The attack allowed the hacker to withdraw $25.5 million in liquidity pool tokens.
The Attack and Immediate Actions
In response to the attack, Thala's team paused all relevant contracts and froze approximately $11.5 million in related assets, including $9 million in Move Dollars (MOD) and $2.5 million in THL tokens. Thala Labs stated that affected users do not need to take any action, as all positions will be restored to their full value.
Recovery Process and Negotiation
With the help of Seal 911 and Ogle, two crypto-focused theft recovery organizations, Thala was able to quickly identify the hacker. The hacker willingly contacted them to negotiate the return of the stolen funds, and was offered a $300,000 bounty in exchange. The stolen funds were returned just hours after the exploit.
What is Thala Labs?
Thala Labs offers automated market-making and a yield-bearing stablecoin, Move Dollar (MOD), within the Aptos ecosystem. The protocol recently launched ThalaSwap V2, but the breach was attributed to a vulnerability within the older v1 contracts.
The Thala Labs hack showcases ongoing security challenges in the crypto industry. Despite a decrease in losses compared to earlier in the year, such incidents remain a significant risk for decentralized protocols.
