Gala post-mortem analysis: Attackers who issued 5 billion GALAs had privileged access abuse, not external software vulnerability

On May 28, Gala published a post-mortem report on the unauthorized issuance of 5 billion GALA, saying that all internal processes have been fixed, including the removal of unauthorized users, the hacker has returned the ETH obtained through the sale of GALA, which has been used to buy back and destroy tokens, 5 billion GALA will be destroyed. The attacker's contract and wallet have been immediately blacklisted, and the Ethereum contract is kept secure by multiple contracts signed by geographically dispersed signers.
So far, Gala has identified malicious actors through other activities and usage patterns within the network, which it says were previously linked to smaller vulnerabilities, indicating privileged access abuse rather than external software vulnerabilities. The case has been referred to the Department of Justice and the FBI for further investigation. At the same time, Gala is conducting an internal review of security protocols and contract access rights, and strengthening measures such as access control and key management practices.