DeFi Exploit on GMBL Results in of Half Stolen Funds Recovered

Someone has exploited a newly launched decentralized finance (DeFi) gambling yield protocol called GMBL Computer. However, the news is not all bad since they have the identity of the hacker, have requested the return of the funds, and appear to have been partially successful.

On September 6, Arbitrum-based GMBL Computer reported that an attacker was able to spoof a call to get a signature from its server. 

Latest DeFi Exploit 

It added that the signature was passed to the contract, enabling them to “pull almost 500 ETH worth of GMBL out of the contract.” At current prices, the DeFi exploit would be worth around $800,000. 

The protocol team stated that it was not a contract vulnerability, and it has identified the root cause, which is off-chain.

“The hacker is fully doxxed,” stated the protocol team. 

“Thanks to our great community, we have all their information and will begin the process to recover funds. We are offering a bug bounty to not proceed with legal action if funds are returned.”

A few hours later, GMBL asked the hacker to treat it as a white hat. They asked for the return of 90% of the funds back to its Arbitrtum wallet, keeping 10% as a bounty. 

“If we do not receive the funds by tomorrow at 9pm EST, we will proceed with legal action,” it threatened. 

Screenshot from GMBL Computer bounty message following exploit. Source X/@gmblcomputer
Screenshot from GMBL Computer bounty message following exploit. Source X/@gmblcomputer

This sparked quite a reaction. Some asked, “If the hacker was ‘fully doxxed,’ why is there a need for a message on the transaction asking for the return?”

There were also claims of an inside job. Others questioned the legality of the DeFi gambling platform taking legal action.

Fund Recovery in Progress

A couple of hours later, GMBL posted that “we have recovered half the funds stolen from the hacker, to our multisig.” However, there were still accusations of a rug pull flying around. 

GMBL Computer is a DeFi gambling protocol. The casino protocol claims to generate yields for stakers by sending house profits to them.

It appears to have jumped onto the “racing hamster” bandwagon, offering gambling and a cut of the winnings. 

They launched the protocol on Sept. 5, and someone exploited it in less than 24 hours.

Its GMBL token tanked 75% following the exploit, according to GeckoTerminal

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *