CoinVoice recently learned that Thala Labs has issued a statement saying that it has successfully recovered $25.5 million in liquidity pool tokens that were previously stolen in a hacker attack. These tokens were stolen due to an "isolated vulnerability" in its v1 mining contract.
Thala said that the security breach occurred on November 15, and hackers used the vulnerability to extract liquidity tokens. After the incident, Thala immediately suspended all related contracts and froze Thala-related assets worth $11.5 million, while quickly locking down the hacker's identity.
"With the help of law enforcement, Seal 911 and Ogle, we were able to quickly identify the attacker," Thala said. "Affected users do not need to take any further action and their assets will be 100% compensated." According to crypto detective Ogle, the hacker returned all the funds six hours after the incident. Thala revealed that in order to ensure the complete return of user assets, the hacker was allowed to collect a $300,000 bounty. Specific information about the attacker's identity was not disclosed.
Access to the Thala frontend has been restored. However, mining remains suspended and users are unable to stake and unstake until Thala conducts a “comprehensive review” and re-audit of the protocol’s codebase. [Original link]