The Ethereum-based asset management protocol, Gamma Strategies, is currently investigating an ongoing security incident that may have resulted in the depletion of at least 211.9 Ether (ETH).
We’re monitoring and reacting to a possible security incident. Please be patient while we take security precautions to assess the issue. If you needwith draw our front end is still up at https://t.co/p5JwV003JJ
— Gamma (@GammaStrategies) January 4, 2024
On January 4, the blockchain investigator PeckShield detected an exploit linked to Gamma Strategies with an estimated value of approximately $469,000.
Shortly after, the DeFi platform confirmed a “possible security incident” but reassured users that fund withdrawals remained possible. The protocol is investigating the incident, and it has promised to provide further details once the investigation is complete.
In response to the ongoing incident, Gamma Strategies has taken immediate action to prevent further losses. The team has disabled deposits in all public DeFi vaults while ensuring that withdrawals remain active for users who need to access their funds.
Despite the incident, the protocol’s vaults will continue to be managed normally for the time being. However, deposits have been temporarily shut down until the team identifies and mitigates the problem.
However, analysts from the security firm BlockSec reported a critical vulnerability in the protocol’s accounting mechanism, specifically citing an inconsistency between the accounting mechanisms used by Gamma Strategies for depositing and withdrawing.
This inconsistency results in a discrepancy between liquidity and shares, allowing the attacker to withdraw an excessive amount of tokens.
Additionally, during the confusion surrounding the security incident, a fake verified Twitter account impersonating Gamma’s social media presence was discovered. This fake account attempted to redirect actual investors to a phishing website, urging users to “revoke all approvals to prevent loss of funds.”
The fake post garnered more likes and views than the original Gamma tweet warning about the security incident. Investors are advised to exercise caution, double-check all links, and only interact with Gamma through official channels until investigations conclude.
Gamma Strategies Investigates Breach as Cryptocurrency Sector Continues to Grapple with Hacks and Losses in 2023
The latest breach adds to the series of hacks that have plagued the cryptocurrency sector. In 2023, the industry suffered almost $2 billion in losses due to such incidents, with the largest hacks occurring in the year’s second half.
The Mixin platform experienced a significant blow in September, losing $200 million, and was unable to locate the attacker or retrieve the funds. However, Mixin committed to compensating users for half of their lost holdings.
Other notable breaches included a security incident at the popular crypto exchange Poloniex in November, initially reported at $33 million and later adjusted to over $120 million. The crypto gambling platform Stake also faced a $41 million theft in September.
However, KyberSwap, another crypto firm, reported a revenue loss of $49 million resulting from an exploit and, as a result, is planning to downsize its team by half to sustain the company’s day-to-day activities.
As part of the efforts to mitigate the financial impact of the exploit, Kyber Network’s CEO, Victor Tran, announced a temporary pause on the liquidity protocol initiatives and the KyberAI project. While these initiatives have been temporarily suspended, the core business functions of KyberSwap, such as its Aggregator and Limit Order features, remain operational.
Read the full article here