Gamma Strategies, an Ethereum-based decentralised finance (DeFi) liquidity management protocol, was exploited and suffered a consequent loss of approximately $3.4m or 1,500 ETH. PeckShield, a blockchain security company, spotted the hack on Thursday.
Gamma Strategies falls victim to $3.4m in stolen tokens
Initially, this firm traced losses of roughly 211.9 ETH or $469,000. Later, it was discovered that the attacker already transferred $2.2m to Tornado Cash, a crypto tumbler. Experts stated a critical vulnerability in the accounting system of the Gamma Protocol opened the doors for theft as it allowed the attacker to withdraw large amounts of tokens.
Upon investigation, it was found that the high ‘price-change threshold’ allowed between 50% and 200% price changes on certain liquid staking tokens (LSTs) and stablecoin vaults. Binance reported that Gamma Strategies is trying to negotiate with the attacker to recover the stolen funds.
Don’t miss out the latest news, subscribe to LeapRate’s newsletter
This protocol immediately implemented actions to prevent the recurrence of such an incident. It disabled deposits to all open DeFi vaults while still allowing users to make withdrawals when needed. In an X post, Gamma Strategies commented:
Our vaults will continue to be managed normally for now, but deposits are currently shut down until we identify and mitigate the problem.
According to Yahoo Finance, Yajin Zhou, the founder of BlockSec, explained that the imbalance between deposits and withdrawals was at the root of the problem. Gamma Strategies allows users to deposit funds into hypervisors, which are pools that facilitate returns on investments through various finance strategies.
