Decentralized Finance (DeFi) protocols have revolutionized the financial landscape by providing users with unprecedented access to financial services. However, these platforms are not without risks, as recently demonstrated by the vulnerabilities exploited in Gamma Strategies and Orbit Chain. In this article, we will explore the recent attacks and the measures taken by the affected protocols to mitigate the losses and prevent future incidents.
Gamma Strategies, a popular DeFi protocol built on the Ethereum blockchain, recently experienced an exploit that resulted in a loss of approximately $3.4 million. The attack was initially discovered by blockchain investigator PeckShield and later confirmed by the protocol itself. To prevent further losses, Gamma swiftly disabled deposits to all public DeFi vaults while allowing withdrawals for users requiring access to their funds.
Identifying the Root Cause
Upon investigation, Gamma Strategies identified the root cause of the exploit. The protocol’s vaults incorporated several safeguards against flash loans, including token ratios, price change thresholds, deposit caps, and prohibitions on single-sided deposits. However, the main issue arose from the settings on the price change threshold, which were set too high, allowing for significant price changes on specific vaults. This loophole enabled the attacker to manipulate the price and generate a large number of LP tokens.
Gamma Strategies swiftly responded to the exploit by outlining its plan of action. The protocol intends to set all price change thresholds to safe levels and conduct a third-party code review to ensure the effectiveness of the mitigation measures before reopening deposits. Furthermore, a comprehensive post-mortem analysis will be released soon. However, the protocol has yet to confirm whether it will compensate its victims while maximizing recovery for all affected users.
In another security breach within the first four days of 2024, Orbit Chain, a project facilitating cross-chain bridging, fell victim to a hack resulting in a loss of over $80 million in assets. The attacker managed to gain access to seven out of ten multi-signers, leading to a total loss of $81.5 million. The majority of the stolen funds consisted of stablecoins, including USDT, USDC, and DAI, with additional compromises of WBTC and ETH.
These recent exploits highlight the inherent risks associated with DeFi protocols. While they provide numerous benefits, they also attract malicious actors seeking to exploit vulnerabilities for financial gain. It is crucial for DeFi platforms to continually reassess and improve their security measures to prevent such incidents.
The recent exploits of Gamma Strategies and Orbit Chain serve as reminders of the vulnerability of DeFi protocols. These incidents highlight the need for robust security measures and proactive response plans to mitigate losses and protect users. As the DeFi space evolves, it is crucial for protocols to prioritize security and remain vigilant against potential threats.