{"id":3272,"date":"2024-01-11T07:50:21","date_gmt":"2024-01-11T07:50:21","guid":{"rendered":"https:\/\/cryptobulls.biz\/blog\/?p=3272"},"modified":"2024-01-11T07:59:10","modified_gmt":"2024-01-11T07:59:10","slug":"gamma-strategies-saga-a-3-4-million-crypto-heist","status":"publish","type":"post","link":"https:\/\/cryptobulls.biz\/blog\/gamma-strategies-saga-a-3-4-million-crypto-heist\/","title":{"rendered":"Gamma Strategies Saga: A $3.4 Million Crypto Heist"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_56_1 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\"><p class=\"ez-toc-title\"><\/p>\n<\/div><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/cryptobulls.biz\/blog\/gamma-strategies-saga-a-3-4-million-crypto-heist\/#The_Heist\" title=\"The Heist\">The Heist<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/cryptobulls.biz\/blog\/gamma-strategies-saga-a-3-4-million-crypto-heist\/#The_Response\" title=\"The Response\">The Response<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/cryptobulls.biz\/blog\/gamma-strategies-saga-a-3-4-million-crypto-heist\/#Exploit_Costs\" title=\"Exploit Costs\">Exploit Costs<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/cryptobulls.biz\/blog\/gamma-strategies-saga-a-3-4-million-crypto-heist\/#Exploit_Methodology\" title=\"Exploit Methodology\">Exploit Methodology<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/cryptobulls.biz\/blog\/gamma-strategies-saga-a-3-4-million-crypto-heist\/#Looking_Ahead\" title=\"Looking Ahead\">Looking 
Ahead<\/a><\/li><\/ul><\/nav><\/div>\n\n<p class=\"wp-block-paragraph\">In the dynamic world of decentralized finance (DeFi), security breaches are a harsh reality. Gamma Strategies, a leading DeFi protocol, recently faced a cyber attack that led to the theft of digital assets worth millions.<\/p>\n\n\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Heist\"><\/span>The Heist<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">On January 4, 2024, at 3:42 AM UTC, Gamma Strategies noticed a tweet indicating an exploit implicating Algebra Finance. After a quick investigation, they realized that select Gamma vaults were being exploited. The attack followed a recognizable pattern, targeting their stablecoin and pegged asset (LST) vaults on Arbitrum across Uniswap, Camelot, and Ramses. The compromised vaults accounted for total losses of approximately $6.18 million. The attackers used a defect in Gamma\u2019s deposit proxy configurations to attack the aforementioned stable and LST vaults. The main issue was the price change threshold in the deposit proxy settings: it was set too high, allowing for a -50% \/ +100% price change on certain LST and stablecoin vaults.<\/p>\n\n\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Response\"><\/span>The Response<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">Gamma Strategies immediately restricted vault deposits to mitigate the attack vector. They also joined a \u201cwar room\u201d chat, where they could communicate and seek help from various partners, security professionals, and stakeholders. This group was invaluable in keeping a clear line of communication with their community.
Because the attack vector relied on the ability to make deposits into the pool, restricting vault deposits on every public-facing vault was a broad but effective means of preventing the attack from continuing.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/cryptobulls.biz\/blog\/wp-content\/themes\/groovy\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/lh7-us.googleusercontent.com\/eW3S_qXo435seTnWJJTqCvXt_Sjv9fWfJ3hdlW5yaO4zpd5NZ1IEnNOcEZ_mGJ8MC2lsiS4Hkyr-Cet9yguLoWUdytBZyVmtNnUr5-jeeBp-9G816EpmGURtdyjgMnzmYhTtr_mVyyspF7nHm1VzdoM\" alt=\"\"\/><\/figure>\n\n\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Exploit_Costs\"><\/span>Exploit Costs<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">The compromised vaults and their losses are as follows:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>gDAI-DAI 0.01% (Uniswap \u2014 Arbitrum) Vault:<\/strong> Losses of ~ $2.74M<\/li>\n\n\n\n<li><strong>wstETH-WETH (Camelot \u2014 Arbitrum) Vault:<\/strong> Losses of ~ $771K<\/li>\n\n\n\n<li><strong>USDT-USDC.e (Camelot \u2014 Arbitrum) Vault:<\/strong> Losses of ~ $1.357M<\/li>\n\n\n\n<li><strong>USDC-USDC.e (Ramses \u2014 Arbitrum) Vault:<\/strong> Losses of ~ $1.313M<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">The total losses amounted to approximately $6.18 million. The attackers used a defect in Gamma\u2019s deposit proxy configurations to attack the aforementioned stable and LST vaults.<\/p>\n\n\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Exploit_Methodology\"><\/span>Exploit Methodology<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">The exploiter used a defect in Gamma\u2019s deposit proxy configurations to attack the aforementioned stable and LST vaults. The main issue was the price change threshold in the deposit proxy settings.
It was set too high, allowing for a -50% \/ +100% price change on certain LST and stablecoin vaults. This enabled the attacker to manipulate the price and mint an unusually high number of LP tokens.<\/p>\n\n\n\n<h1 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Looking_Ahead\"><\/span>Looking Ahead<span class=\"ez-toc-section-end\"><\/span><\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">Despite the setback, Gamma Strategies remains committed to its mission. The team is working tirelessly to enhance its security measures and prevent such incidents in the future. A key aspect of the recovery plan is obtaining a third-party code review, to ensure that the vulnerabilities exploited in the attack are thoroughly addressed before any resumption of deposit services. In addition, the protocol is committed to prioritizing the recovery of affected users, ensuring minimal long-term impact from this incident. The company has extended its apologies to those impacted by the breach and pledged to release a detailed analysis of the incident along with a well-formulated remediation plan.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the dynamic world of decentralized finance (DeFi), security breaches are a harsh reality.
Gamma Strategies, a leading DeFi protocol, recently faced a cyber attack&#8230;<\/p>\n","protected":false},"author":1,"featured_media":3274,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":""},"categories":[3],"tags":[],"class_list":["post-3272","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/posts\/3272","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/comments?post=3272"}],"version-history":[{"count":1,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/posts\/3272\/revisions"}],"predecessor-version":[{"id":3273,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/posts\/3272\/revisions\/3273"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/media\/3274"}],"wp:attachment":[{"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/media?parent=3272"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/categories?post=3272"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptobulls.biz\/blog\/wp-json\/wp\/v2\/tags?post=3272"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}