Thoreum Finance announed that multiple farms their native tokens were exploited all the way to $0.00. KetchupSwap, Lokum, YBear, Piggy, CaramelSwap. Sadly enough GoCerberus and Garuda were exploited as well. All non-native funds in our contracts are safe, and you are able to withdraw them without a problem. The exploit limits itself specifically to the native token only, and when executed it allowed the exploiter to amplify their rewards by a massive amount to effectively mint as many tokens as they want. The exact value stolen through the hack is still unclear. However, potentially the hacker got away with an amount of money comparable to the market cap of each of these projects. The GARUDA token has a market cap of around $2 million, while CERBERUS was closer to $4 million. Add the other farms, and we’re probably looking at a $10 million exploit. Ultimately this gave space for the hacker to exploit the contract. Because the MasterChef contract was never designed to compare user balances and pool balances, users were able to generate so many tokens in a single harvest that they could instantly empty the pool. Basically, the hacker could generate thousands of tokens, even if there was only one token in the pool. This happened to GarudaSwap, Cerberus, KetchupSwap, and all others.