According to Foresight News, Thales, a derivatives trading platform, announced that despite a security issue, funds on Optimism, Arbitrum, Polygon, and Base are protected. A cyberattack on a core contributor’s personal computer and MetaMask resulted in the compromising of hot wallets functioning as temporary deployers ($25,000) or keeper bots ($10,000). The attack had no effect on user finances. All funds in the keeper wallets, totaling around $10,000, have been transferred to the hacker’s wallet.
Thales also acknowledged that, due to a general lack of attention and focus on the BNB Chain, they failed to deploy the same security procedures as on other chains. Notably, they did not convert the proxy admin’s ownership from the deployer to a multi-sig. The highly experienced attacker exploited this vulnerability and took control of all Thales’ BNB Chain contracts.
Thales has formally chosen to withdraw support for the BNB Chain as a result of the attack. Users are recommended to not from interacting with any Thalesmarket contracts on the BNB Chain and to cancel any outstanding contracts.
