Trusted

DeFi Protocol Gamma Loses $4 Million in Price Manipulation Exploit

2 mins
Updated by Ryan Boltman
Join our Trading Community on Telegram

In Brief

  • Gamma, a DeFi protocol, lost $4 million due to a price manipulation attack involving multiple malicious contracts.
  • After the attack, hackers moved USDT from the Arbitrum chain to the Ethereum network using the Stargate bridge.
  • In just the first four days of 2024, three security incidents have been recorded, with hackers exploiting over $90 million.
  • promo

Liquidity management protocol Gamma lost $4 million as exploiters created many malicious contracts to conduct a price manipulation attack, it has since also been attacked again.

Last year, over $1.8 billion was lost to security incidents. 2024 has just begun, and the Web3 security incidents continue to create havoc.

How Exploiters Attacked Gamma Smart Contracts

Web3 security firm Cyvers reported on X (Twitter) that attackers created many malicious contracts to steal $4 million from Gamma. Cyvers CEO Deddy Lavid told BeInCrypto:

“The attacker created around 40 malicious contracts that targeted Gamma smart contracts. The type of hack is Price manipulation,” CEO Deddy Lavid explained.

Lavid further explains the price manipulation attack:

“In the price manipulation attack on Gamma smart contracts, the hacker exploited vulnerabilities to inflate assets’ prices artificially. They executed this by using multiple malicious contracts, manipulating market conditions to their advantage. Once the prices were distorted, they converted and moved the funds rapidly, evading typical security measures,” Lavid added.

As per Cyvers, after conducting the attack, the hackers bridged USDT from the Arbitrum chain to the Ethereum network using the Stargate bridge. Later, they swiftly swapped USDT to Ethereum (ETH) to avoid the freezing of funds.

Read more: How To Use Arbitrum Bridge To Bridge Ethereum Tokens

For context, Tether often freezes the stolen USDT to avoid the further movement of funds.

The screenshot below shows the flow of Gamma’s stolen funds. The exploiters have not yet moved the Ethereum or distributed it to multiple addresses. Not to mention, exploiters funded the fresh wallet through Tornado Cash deposit.

Gamma Exploiters' Flow of Funds. Source: MetaSleuth
Gamma Exploiters’ Flow of Funds. Source: MetaSleuth

Gamma team is working with the security experts to investigate the incident further. It wrote on X (Twitter):

All public vaults/hypervisors have had deposits shut down. You may withdraw your funds if need be. Our vaults will continue to be managed normally for now, but deposits are currently shut down until we identify and mitigate the problem, Gamma Strategies announced.

Additionally, the protocol has since been attacked again by another attacker who has taken 10 ETH, which is estimated to be $22,000. The attacker has also interacted with the Kyber Networks exploiter, asking for ETH for gas.

2024 Already Plagued With Exploits and Hacks

It has been just four days into 2024, yet three security incidents have been recorded so far. On January 1, BeInCrypto reported that the decentralized cross-chain protocol Orbit Chain lost over $81 million to hackers.

Then, on January 3, Radiant Capital lost $4.5 million due to a smart contract breach. These reports show that hackers exploited over $90 million in 2024.

Read more: Crypto Project Security: A Guide to Early Threat Detection

Do you have anything to say about the Gamma exploit or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTok, Facebook, or X (Twitter).

For BeInCrypto’s latest Bitcoin (BTC) analysis, click here.

🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024
eToro eToro Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
Coinbase Coinbase Explore
3Commas 3Commas Explore
🎄Best crypto platforms in Europe | December 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Harsh.png
Harsh Notariya
Harsh Notariya is an Editorial Standards Lead at BeInCrypto, who also writes about various topics, including decentralized physical infrastructure networks (DePIN), tokenization, crypto airdrops, decentralized finance (DeFi), meme coins, and altcoins. Before joining BeInCrypto, he was a community consultant at Totality Corp, specializing in the metaverse and non-fungible tokens (NFTs). Additionally, Harsh was a blockchain content writer and researcher at Financial Funda, where he created...
READ FULL BIO
Sponsored
Sponsored