Gamma Strategies Offer Bounty After $3.4M Exploit Drain

Published: Jan 4, 2024
Written By:
Vignesh Karunanidhi
Milk Road Writer

Gamma Strategies suffered an attack this week exploiting vulnerabilities in its Ethereum-based liquidity vaults to steal $3.4 million in crypto assets.

The team responded by freezing deposits to stem further losses. However, in a rare move, Gamma also messaged the hacker’s wallet, seeking to negotiate a “bug bounty” for returning the stolen assets.

Key Details:

  • The flaw allowed manipulation of deposit token pricing thresholds prior to minting LP tokens.
  • This enabled attackers to mint disproportionately and drain $3.4 million from pools.
  • Gamma suspends deposits but keeps vaults running for legitimate users.
  • Hacker has already laundered over $2 million via Tornado Cash Mixer, according to PeckShield.

Gamma outlined the flaw: meticulously orchestrated transactions targeting price data briefly overrode the vaults' safety measures.

Vaults relied on restricting deposits during significant volatility shifts. However, the hacker found that manipulating prices prior to deposit approval enabled minting far more pool tokens than was justified.

By carefully calibrating an intricate series of swaps, the exploiter grabbed amplified yields before withdrawals locked in gains. Gamma conceded that its 50–200% maximum price change settings left holes.
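To see why the width of that threshold matters, here is a simplified model added for illustration; it is not Gamma's contract code. It assumes pro-rata share minting valued at the spot price and reads the threshold as the maximum allowed deviation of spot from a reference price; all function names, balances and the 2% comparison limit are constructed.

```python
from fractions import Fraction as F

def shares_minted(d0, d1, r0, r1, supply, price):
    """Pro-rata shares for depositing (d0, d1), valuing token0 at `price` token1."""
    return supply * (d0 * price + d1) / (r0 * price + r1)

def guarded_deposit(d0, d1, r0, r1, supply, spot, reference, max_change):
    """Mint at the spot price unless it deviates from the reference by more than max_change."""
    deviation = abs(spot / reference - 1)
    if deviation > max_change:
        raise ValueError(f"price moved {float(deviation):.0%}, limit is {float(max_change):.0%}")
    return shares_minted(d0, d1, r0, r1, supply, spot)

def worst_case_overmint(r0, r1, reference, max_change):
    """Minted/fair share ratio for a token0-only deposit at the highest spot price the guard accepts."""
    spot = reference * (1 + max_change)
    return shares_minted(1, 0, r0, r1, 1, spot) / shares_minted(1, 0, r0, r1, 1, reference)

# Constructed vault state (not Gamma's real balances): mostly token1, fair price 1.
R0, R1, SUPPLY, REFERENCE = F(10), F(990), F(1000), F(1)

if __name__ == "__main__":
    for limit in (F(2), F(1, 2), F(1, 50)):  # 200%, 50%, and a constructed 2% limit
        ratio = worst_case_overmint(R0, R1, REFERENCE, limit)
        print(f"limit {float(limit):.0%}: up to {float(ratio):.2f}x the fair share count")
```

In this model the guard is the only bound on share inflation, so the limit itself sets how far minted shares can exceed what the deposit is worth.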

Gamma Strategies Deploy Recovery Efforts

Gamma stopped further deposits, limiting additional risk while keeping vault services operational. The team pledged a full post-mortem and code review to bolster security prior to reactivation.

Source: Etherscan

The Gamma team messaged the attacker’s wallet address after tracing funds through Tornado Cash Mixer. The protocol indicated openness to a negotiated bounty payment to regain as much stolen crypto as possible.

Further details are pending as talks proceed, but the initiative spotlights new recovery tactics emerging in DeFi breach response.

Vignesh Karunanidhi

Vignesh has been a seasoned professional in the crypto space since 2017. He has been writing for over 6 years and specializes in writing and editing various types of crypto content, including news articles, long-form pieces, and blog posts, all focused on sharing the beauty of blockchain and crypto.