The Ethereum-based asset management protocol, Gamma Strategies, is currently looking into a security incident that may have led to the loss of at least 211.9 Ether (ETH).
On January 4, the blockchain investigator PeckShield identified an exploit associated with Gamma Strategies, estimating a value of approximately $469,000.
Following this discovery, the DeFi platform acknowledged a “possible security incident” but assured users that fund withdrawals were still possible. Gamma Strategies is actively investigating the incident and has committed to sharing further details once the investigation is concluded.
In response to the ongoing situation, Gamma Strategies has taken immediate steps to prevent additional losses. The team has disabled deposits across all public DeFi vaults, ensuring that withdrawals remain accessible for users requiring access to their funds.
Despite the incident, the protocol’s vaults will continue to be managed as usual for the time being. However, deposits have been temporarily halted until the team identifies and addresses the underlying problem.
However, security analysts from BlockSec have reported a critical vulnerability in Gamma Strategies’ protocol, specifically pinpointing an inconsistency within its accounting mechanism. This inconsistency pertains to the methods employed by Gamma Strategies for depositing and withdrawing funds.
The identified vulnerability results in a disparity between liquidity and shares, creating an opportunity for attackers to withdraw an excessive amount of tokens.
Adding to the complexity of the situation, a verified Twitter account impersonating Gamma’s official social media presence was discovered amidst the security incident. This fraudulent account aimed to mislead actual investors, directing them to a phishing website and urging users to “revoke all approvals to prevent loss of funds.”
Remarkably, the fake post garnered more likes and views than the original tweet from Gamma warning about the security incident. Investors are strongly advised to exercise caution, thoroughly verify all links, and exclusively interact with Gamma through official channels until the ongoing investigations are concluded.
Gamma Strategies Investigates Breach as Cryptocurrency Sector Continues to Grapple with Hacks and Losses in 2023
This recent breach contributes to a string of hacks that have plagued the cryptocurrency sector. In 2023, the industry endured losses of nearly $2 billion due to such incidents, with the most significant hacks occurring in the latter half of the year.
In September, the Mixin platform suffered a substantial setback, losing $200 million, and was unable to identify the attacker or recover the funds. Nevertheless, Mixin committed to compensating users for half of their lost holdings.
Other notable breaches included a security incident at the widely-used crypto exchange Poloniex in November, initially reported at $33 million but later adjusted to over $120 million. Additionally, the crypto gambling platform Stake faced a $41 million theft in September. These incidents underscore the ongoing challenges and risks associated with security in the cryptocurrency space.
Nevertheless, KyberSwap, another crypto firm, disclosed a revenue loss of $49 million due to an exploit. In response to the financial setback, the company is planning to reduce its team size by half as a measure to sustain day-to-day operations.
In an effort to mitigate the financial impact of the exploit, Kyber Network’s CEO, Victor Tran, declared a temporary halt to liquidity protocol initiatives and the KyberAI project. Although these initiatives are currently suspended, the fundamental business functions of KyberSwap, including its Aggregator and Limit Order features, continue to operate.