The protocol managing liquidity on the Ethereum blockchain, Gamma Strategies, has initiated a bounty negotiation with the attacker responsible for stealing $3.4 million worth of digital assets.
The attack was discovered by blockchain defense company PeckShield on January 4th, with initial estimates indicating losses of $469,000. However, further analysis confirmed the total loss to be $3.4 million, with $2.2 million already sent to Tornado Cash, a cryptocurrency mixer.
In response to the attack, Gamma shut down its vault deposits, allowing only withdrawals. The protocol has also initiated communication with the attacker’s wallet address, expressing a willingness to negotiate a bounty for the return of the stolen crypto assets.
Gamma has attempted to contact the exploiter via Etherscan and Arbiscan to negotiate the return of funds.https://t.co/5WZ1z3F7jEhttps://t.co/kOi5ntdeT0
— Gamma (@GammaStrategies) January 4, 2024
Gamma Strategies stated that it had identified the root cause of the attack and assured the community that shutting down deposits for public-facing vaults nullified the attack vector.
One last note, is that even though deposits are closed, our rebalances and management of the positions are still active as they are not affected by the exploit.
— Gamma (@GammaStrategies) January 4, 2024
The security breach was attributed to inconsistencies in the accounting mechanisms for depositing and withdrawing funds, leading to a misalignment between liquidity and shares. Attackers exploited this vulnerability to withdraw a significant number of tokens, although Gamma Strategies’ vaults are designed to guard against flash loans.
Notably, Gamma’s vaults are built on a robust framework with multiple layers of protection against
Read more on cryptonews.com