Connect with us

Hi, what are you looking for?

Oracle of  Omaha SaysOracle of  Omaha Says

Editor's Pick

Gala Games Hit by $23 Million Token Exploit Due to ‘Messed Up’ Internal Controls

Gala Games, a prominent blockchain gaming platform, experienced a significant security breach that resulted in the unauthorized sale of 600 million GALA tokens, valued at $23 million. CEO Eric Schiermeyer confirmed that the incident was attributed to inadequate internal controls.

The exploit occurred on May 20 at 7:32 pm UTC when a hacker accessed a Gala Games admin address. This access enabled the attacker to mint 5 billion new GALA tokens worth approximately $200 million. The attacker then sold 600 million of these newly minted tokens on the decentralized exchange Uniswap.

Notably, this breach is not Gala Games’ first encounter with security issues. In 2021, the company lost $130 million in a similar exploit

“Messed Up Internal Controls” Leads to Gala Games Breach

.@poweredbygala hacked?

seems like someone minted 5B tokens ~1 hour ago, valued at ~$220M

has been dumping in batches of 100 ETH on @0xProject, address is currently sitting on ~4.6K ETH

— devops199fan ⌐◨-◨ (@devops199fan) May 20, 2024

Blockchain analyst @devops199fan first reported the incident, noting the sudden minting of a large volume of GALA tokens. Following the notification, Gala Games quickly mitigated further damage.

In response to the breach, Gala Games froze the compromised wallet, preventing the hacker from selling the remaining tokens. Gala Games identified and removed the unauthorized access to the GALA contract, assuring stakeholders that its Ethereum contract remains secure and uncompromised. 

Hey Everyone…

I always knew there was a reason I never talk shit about other projects getting hacked…I’m sorry to say we had an incident that resulted in the unauthorized SALE of 600million (21million usd) $GALA tokens and the effective BURN of 4.4 billion tokens.


— benefactor (@Benefactor0101) May 20, 2024

Furthermore, CEO Schiermeyer announced via X that the remaining 4.4 billion tokens were effectively rendered unsellable and burned to prevent additional exploitation. Also, the company is working closely with the FBI, the U.S. Justice Department, and international authorities to investigate the incident and apprehend those responsible.

“We had an incident that resulted in the unauthorized sale of 600 million GALA tokens and the effective burn of 4.4 billion tokens. We messed up our internal controls. This shouldn’t have happened, and we are taking steps to ensure it doesn’t happen again,” Schiermeyer stated.

The immediate aftermath saw GALA’s price plummet to a 24-hour low of $0.038, a 20% drop from its daily high. However, according to CoinGecko, the token price has since partially recovered to $0.041.

In addition to the recent breach, the ongoing internal legal battles between Schiermeyer and co-founder Wright Thurston, who have filed lawsuits against each other over mismanagement and theft allegations, add to the company’s turmoil.

However, Gala Games has assured its users and investors that it is implementing more robust internal controls to prevent future incidents and is committed to maintaining a secure and robust platform for blockchain gaming.

The Rise Of Crypto Exploits: Recent Incidents

Sonne Finance, a lending protocol, recently suffered a $20 million exploit on May 14, impacting cryptocurrencies, including WETH and USDC. Sonne Finance paused all markets on Optimism and began investigating with Cyvers. Despite efforts to recover funds and offer a bug bounty, the hacker has already moved a significant portion of the stolen assets to a new wallet, suggesting an intent to launder them through a privacy protocol like Tornado Cash.

Rain cryptocurrency exchange also experienced a potential exploit on April 29, transferring approximately $14.1 million worth of various cryptocurrencies to a suspicious wallet, as reported by on-chain analyst ZachXBT. The exploit involved significant outflows from Rain’s Bitcoin, Ethereum, Solana, and XRP wallets. The stolen funds were quickly exchanged for Bitcoin and Ethereum and moved to specific addresses on these networks. Notably, the Ethereum address currently holds about 1,881 ETH, valued at $5.5 million, while the Bitcoin address holds 137.9 BTC, valued at $8.6 million.

Arkham Intelligence data shows that the funds were traced back through various Bitgo multi-signature wallets, though they have not been explicitly linked to Rain. Despite this, over 590 ETH, 20 billion Shiba Inu, 12,500 Chainlink, $240,000 in Tether, and $500,000 in USD Coin were swapped for ETH on Uniswap, with additional funds from a Binance hot wallet. 

Pike Finance, a DeFi lending protocol, also suffered a $1.6 million exploit due to a smart contract vulnerability. Over three days, funds were stolen across the Ethereum, Arbitrum, and Optimism chains. 

The post Gala Games Hit by $23 Million Token Exploit Due to ‘Messed Up’ Internal Controls appeared first on Cryptonews.

Enter Your Information Below To Receive Free Trading Ideas, Latest News And Articles.

    Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

    You May Also Like

    Latest News

    A former Republican legislative candidate who traveled to Washington for former President Donald Trump’s ‘Stop the Steal’ rally was arrested Friday and charged with...


    Even as U.S. inflation broadly cools, frozen vegetable prices are hot. The average shelf price for frozen veggies rose by 18% in the past year...

    Latest News

    Abbe Lowell, Hunter Biden’s attorney, filed an ethics complaint Friday against Georgia Rep. Marjorie Taylor Green after she displayed censured nude photos of the president’s...

    Latest News

    President Biden has overruled the Pentagon and chosen Adm. Lisa Franchetti to lead the Navy, making her the first woman, if she’s confirmed, to...

    Disclaimer:, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

    Copyright © 2024