Gamma Strategies Identifies Root Cause of Exploit Attack, Attempts Negotiation for Fund Return

Ethereum Blockchain Gamma Strategies Security Breach
Last updated:
Journalist
Journalist
Hassan Shittu
About Author

Hassan, a Cryptonews.com journalist with 6+ years of experience in Web3 journalism, brings deep knowledge across Crypto, Web3 Gaming, NFTs, and Play-to-Earn sectors. His work has appeared in...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships.
Gamma Strategies Security Breach
Source: iStock / JuSun

The protocol managing liquidity on the Ethereum blockchain, Gamma Strategies, has initiated a bounty negotiation with the attacker responsible for stealing $3.4 million worth of digital assets.

The attack was discovered by blockchain defense company PeckShield on January 4th, with initial estimates indicating losses of $469,000. However, further analysis confirmed the total loss to be $3.4 million, with $2.2 million already sent to Tornado Cash, a cryptocurrency mixer.

In response to the attack, Gamma shut down its vault deposits, allowing only withdrawals. The protocol has also initiated communication with the attacker’s wallet address, expressing a willingness to negotiate a bounty for the return of the stolen crypto assets.

Gamma Strategies stated that it had identified the root cause of the attack and assured the community that shutting down deposits for public-facing vaults nullified the attack vector.

The security breach was attributed to inconsistencies in the accounting mechanisms for depositing and withdrawing funds, leading to a misalignment between liquidity and shares. Attackers exploited this vulnerability to withdraw a significant number of tokens, although Gamma Strategies’ vaults are designed to guard against flash loans.

Notably, Gamma’s vaults are built on a robust framework with multiple layers of protection against flash loans. These layers include a mandated ratio of token0 and token1, a price change threshold, deposit caps per deposit, and a prohibition on single-sided deposits

The identified issue primarily revolves around the second protection layer—the price change threshold. This threshold was set at a level that allowed for a substantial price change, enabling attackers to manipulate the price and mint an unusually high number of LP tokens. The company has reassured the community that the other layers of security, including mandated token ratios, deposit caps, and restrictions on single-sided deposits, remain intact.

Gamma Strategies is committed to a full recovery for affected users and will provide a detailed post-mortem analysis of the incident and a proposed resolution plan to prevent future security breaches.

Gamma Strategies Addresses Security Breach, Plans Detailed Post-Mortem Analysis and Remediation Plan

Gamma Strategies has taken swift action in response to a security breach, outlining a series of measures to address the incident and enhance security protocols. The company has committed to setting all price change thresholds to a safe level, engaging a third-party service for a code review to contain the breach, and resuming deposits only after ensuring robust security measures are in place.

In addition to these immediate steps, Gamma Strategies has expressed its dedication to achieving a full recovery for affected users. The company has issued an apology for the losses incurred by users and pledged to provide a detailed post-mortem analysis of the incident. This analysis will be accompanied by a comprehensive resolution plan aimed at preventing future security breaches and ensuring the safety of user assets.

The firm apologized to those affected by this attack and said they would do everything in their power to recover funds and mitigate this risk in the future. They also promised to release a more detailed post-mortem analysis and a proposed remediation plan in the coming days.

The Gamma Protocol exploit contributes to the growing number of security breaches in the cryptocurrency sector. In 2023, the industry experienced losses approaching $1.8 billion, with significant incidents concentrated in the latter half of the year.

The year witnessed several high-profile hacking incidents, impacting prominent entities such as Multichain, Euler Finance, Mixin Network, and Atomic Wallet.

Throughout the year, the North Korean hacking group Lazarus was implicated in multiple attacks, collectively resulting in losses exceeding $300 million.

More Articles

Blockchain News
Crypto Advocacy Group Ad Targets SEC’s Crenshaw Calling Her ‘More Anti-Crypto’
Sujha Sundararajan
Sujha Sundararajan
2024-12-10 05:21:06
Blockchain News
Bitcoin Stumbles Amid Broad Crypto Sell-off Driven by Profit-Taking
Shalini Nagarajan
Shalini Nagarajan
2024-12-10 05:05:08
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors