Gala Games Attacker Returns $22 Million

Reading Time: 2 minutes
  • Gala Games exploiter has returned $22 million he had stolen from the project
  • The project said that it had involved law enforcement agencies immediately after the exploit
  • Gala Games disclosed that they’ll use the funds to buy back GALA tokens to replenish part of those stolen

Web3 gaming startup Gala Games has revealed that it has received slightly above $22 million from a malicious actor who had exploited the project on May 20 and stole GALA tokens worth roughly $200 million. According to the project, the attacker was only able to pocket $22 million worth of tokens before his wallet was frozen. Gala said that it will use the recovered funds to buy back the tokens, something that may improve users’ confidence in the project.

Exploiter Identified

The exploiter returned the funds on May 21, roughly a day after stealing the tokens. Gala Games said that their swift involvement of law enforcement agencies enabled them to corner the attacker, forcing him to return the funds.

In a post shortly after the exploit, Gala Games co-founder Eric Schiermeyer claimed that they had identified the attacker including his physical address. Although Gala has yet to disclose how the attack happened, some community members allege that it was due to a security contractor connecting to the wallet without a VPN.

Gala Governance Proposal on the Table

Gala has also announced a “new 24-hour Gala Founders Node governance” proposal to decide on upgrading the project’s token contract and to consider the frozen tokens burnt.

The Gala saga comes nine months after the web3 gaming startup’s co-founder sued the CEO on allegations of token theft. A year ago, Gala took pNetwork to court blaming it for a hack where it lost more than one million dollars.

With the Gala exploiter returning stolen funds and a proposal to upgrade the token contract, it’s to be seen whether the security incident will affect the project’s adoption.