DeFi Protocol Gamma Strategies Suffers $3.4 Million Attack

Gamma Strategies has initiated negotiations to recover millions of funds lost following an attack on its vaults.

Hacker in a digital space playing with a crypto coin.
Created by Kornelija Poderskytฤ— from DailyCoin
  • DeFi protocol Gamma Strategies has been exploited.
  • Millions of dollars are feared to be lost.
  • The protocol has initiated negotiations to recover the funds.

Decentralized finance (DeFi) protocol Gamma Strategies is counting millions of dollars in losses following an attack on its vaults.

On January 4, blockchain security firm PeckShield issued an alert on X (Twitter), noting that it had detected a 211.9 ETH exploit on the Algebra Dex Engine. Dismissing the report, the Algebra Dex team clarified that the attack was on vaults linked to Gama Strategies.

Gamma Strategies Addresses $3.4 Million Exploit

Hours after acknowledging that it was โ€œmonitoring and reacting to a possible security incident,โ€ Gamma Strategies issued a report detailing how its public vaults/hypervisors were exploited, causing a suspension of deposits.

Sponsored

Per the report, the issue stems from a miscalculated price change threshold.

โ€œIt was placed too high allowing for up 50-200% price change on certain LST and stablecoin vaults. This allowed the attacker to manipulate the price up to the price change threshold and mint a disproportionately high number of LP tokens,โ€ Gamma Strategies wrote.

While the protocol did not clarify how much was lost in the attack, PeckShieldโ€™s latest alert indicated the attackerโ€™s address had transferred ETH worth about $2.2 million to Tornado Cash. The firm estimated Gamma Strategiesโ€™ loss to be $3.4 million following the attack.

Transaction trail of the attacker's address.
Transaction trail of the attacker’s address: PeckShield.

Noting that it would release a detailed post-mortem analysis and proposed remediation plan โ€œover the coming days,โ€ Gamma Strategies vowed to โ€œmaximize recovery for all affected usersโ€ and mitigate the risk in the future. True to this, the protocol has initiated negotiations with the attacker to recover the funds.

Negotiations for Bug Bounty and Funds Recovery  

In a Twitter (X) update, Gamma confirmed that it had attempted to contact the exploiter via Etherscan and Arbiscan to negotiate the return of funds.

โ€œHello. We are reaching out to you from Gamma. We noticed that you found a bug, and we want to thank you for discovering it. We hope you did so as a whitehat or grayhat. We want to open up communications regarding bug bounty,โ€ the message read.

The attacker had not responded to the message at press time.

Read about dYdXโ€™s post-mortem report on its $9M exploit:
dYdX Identifies Hacker in $9M SUSHI and YFI Incident

Stay updated on how the Orbit cross-chain bride was recently exploited:
Orbit Cross-Chain Bridge Hit for $82 Million

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Author
Brian Danga

Brian Danga is a crypto reporter at DailyCoin covering breaking news. Brian has minor holdings in Bitcoin and Ethereum.

Read more