- Web3 gaming project Gala Game recently suffered a major security breach where a compromised admin address minted 5 billion GALA tokens, valued over $200 million.
- The team has responded by freezing the affected wallet and involving law enforcement to track down the perpetrator.
- “We messed up our internal controls…This shouldn’t have happened and we are taking steps to ensure it doesn’t ever again,” stated Gala Games CEO, Eric Schiermeyer.
This article delves into the recent Gala Game exploit where over $200 million worth of GALA tokens were minted unauthorizedly, exploring the implications and the measures taken by the company.
‘Isolated Incident’
The exploit at Gala Games led to the unauthorized sale of 600 million GALA tokens through the decentralized exchange Uniswap, totaling a loss of approximately $29 million at the time of the transaction. Solidity developer 0xquit highlighted that the attacker could potentially create up to 12 billion tokens before hitting the cap. Following the discovery, the compromised address was promptly blocked to prevent further unauthorized actions.
Immediate Response and Security Measures
CEO Eric Schiermeyer announced on X (formerly Twitter) that the breach was detected within 45 minutes, allowing the team to quickly secure and eliminate unauthorized access to the GALA contract. Despite these efforts, the value of GALA dropped nearly 20% following the incident, although it has since stabilized.
Gala Games CEO Owns Up to Lapse
In a candid admission, Schiermeyer acknowledged the failure in implementing robust internal controls which led to the breach. The company is now cooperating with the FBI, Department of Justice, and international authorities to investigate the incident thoroughly. The CEO also emphasized the ongoing review of daily token distribution, which will be decided through a community node vote.
Conclusion
The Gala Games exploit serves as a critical reminder of the vulnerabilities in digital asset management and the importance of stringent security measures. As the investigation continues, the crypto community watches closely, hoping for enhanced security protocols in the future.