Thala Protocol Resumes Operations After $25.5M Exploit

Decentralized finance (DeFi) platform Thala has resumed operations following a major security breach that resulted in the exploitation of its liquidity pools for approximately $25.5 million.
In a Nov. 17 post on X (formerly Twitter), Thala informed users that most of its services have been restored, with the exception of its staking feature, which is currently undergoing a security patch and audit.
The exploit, which occurred on Nov. 15, was traced to a vulnerability in the protocol's v1 farming contracts. This flaw emerged after a recent update and allowed an attacker to withdraw significant amounts of liquidity tokens. Upon detection of the breach, Thala immediately suspended its services and managed to freeze $11.5 million worth of assets, including its native THL token and the Move Dollar (MOD), using the Move programming language. This language, which underpins the Aptos blockchain that Thala operates on, provides functions like "freeze" and "burn" to safeguard digital assets.
To recover the remaining stolen funds, Thala partnered with SEAL 911, a team of DeFi security experts, Ogle, an on-chain investigator, and law enforcement. Following negotiations, the hacker agreed to return all stolen assets in exchange for a $300,000 bounty.
Thala assured users that all positions would be fully restored and that no action is required on their part. However, the total value locked (TVL) in the protocol has fallen from $234 million to $196 million, and the THL token has dropped by over 31% since the exploit.
This attack adds to the growing list of recent security incidents targeting decentralized protocols. On Oct. 16, DeFi lender Radiant Capital lost around $50 million in a similar exploit, and in September, staking protocol Bedrock was drained of approximately $2 million due to a bug. According to blockchain security firm PeckShield, the total on-chain losses from crypto hacks in October reached $88.4 million, bringing the year's total to $181 million.
Disclaimer: The content on this website is for informational purposes only and does not constitute financial or investment advice. We do not endorse any project or product. Readers should conduct their own research and assume full responsibility for their decisions. We are not liable for any loss or damage arising from reliance on the information provided. Crypto investments carry risks.