Gala Games Recovers $22M in ETH After a $200M Exploit


Gala Games has successfully recovered approximately $22 million in Ether (ETH) following a major security breach on May 20 that saw $200 million worth of Gala (GALA) tokens illicitly minted and partially sold. The individual behind the attack returned the funds to Gala Games after the company’s swift response and collaboration with federal law enforcement agencies.

In a detailed blog post on May 21, Gala Games revealed that the attacker’s wallet had sent back 5913.2 ETH, valued at $22.3 million. This amount closely corresponds to the market value of the 600 million GALA tokens that the attacker sold shortly before the platform was able to freeze the wallet.

Comments from Gala CEO

Gala’s co-founder and CEO, Eric Schiermeyer, commended the team for their rapid and effective action, which included the deployment of GalaChain’s blocklist protocol. 

This new feature enabled the freezing of 4.4 billion GALA tokens out of the 5 billion minted within a 45-minute window. In a series of posts on X (formerly Twitter) and Discord, Schiermeyer also mentioned that the identity of the attacker had been determined, including his home address.

Further, the recovery marks a significant step in combating the exploiter despite a fraction of the actual amount being recovered.

Method of Exploit

While Gala Games has not officially confirmed the identity or method of the exploit, community members speculated that the attack was carried out by a security contractor who inadvertently exposed the wallet’s credentials by connecting without a VPN. This claim, however, remains unverified by the platform.

Schiermeyer indicated that the returned ETH would likely be used to repurchase and burn the equivalent amount of GALA tokens. “I don’t see anything else we should do with the ETH,” he wrote. “We will probably buy and burn on GalaSwap.”

Gala Initiated Vote to Burn Tokens

Additionally, Gala Games initiated a governance vote to decide whether the 4.4 billion blocklisted GALA tokens should be considered burned. This move aims to restore confidence in the token’s value and the integrity of the platform.

In a related development, DWF Labs disclosed its acquisition of 28 million tokens on the open market, an effort aimed at stabilizing the token’s value. “The security of our investments and their communities is important to us,” the firm stated.

Working with Law Enforcement

Schiermeyer acknowledged the failure in internal controls that allowed the security breach to occur. “We messed up our internal controls,” he admitted. “This shouldn’t have happened, and we are taking steps to ensure it doesn’t happen again.”

Despite the breach, Schiermeyer reassured users that the Ethereum contract itself was secure and had not been compromised. He also noted that the platform is working closely with the Federal Bureau of Investigation, the United States Justice Department, and a network of international authorities to address the situation.

June 16, 2024

As the FTX bankruptcy case moves to its end, three entities..

June 16, 2024

Curve Finance founder Michael Egorov has finally cleared the air on..

ads-image ads-image