Thala Protocol, a decentralized finance (DeFi) platform, has disclosed a significant security breach that exploited a vulnerability in its latest v1 farming contracts. The attack, which occurred on Nov. 15, allowed the perpetrator to withdraw $25.5 million worth of liquidity pool tokens.
The protocol’s team swiftly paused all affected contracts and froze Thala token assets, amounting to $9 million in MOD and $2.5 million in THL. Through collaboration with law enforcement agencies and key cybersecurity partners, including Seal 911 and Ogle, the exploiter was identified. Following negotiations, Thala successfully recovered the stolen funds by agreeing to a $300,000 bounty.
“Affected users require no further action, and positions will be made 100% whole,” the team assured in a statement. They emphasized that existing positions across the protocol's Collateralized Debt Position (CDP) and Liquid Staking Token (LST) modules were not impacted by the breach.
As a precautionary measure, Thala has paused its frontend and all relevant contracts until comprehensive security reviews and re-audits of the codebase are completed. This step aims to ensure the vulnerability is fully addressed and the platform’s operations can resume safely.
The incident highlights the ongoing challenges DeFi platforms face in securing complex smart contract ecosystems. Thala has pledged to keep its community informed with further updates as the review progresses.
“At this time, the protocol’s codebase is undergoing an extensive review and re-audit of all affected and related packages. We will share more details as soon as possible.”