DeFi Protocol GMBL Exploited for 500 ETH
GMBL Computer, a DeFi gambling yield protocol, hacked for 500 ETH, but the team has identified the hacker and is recovering the stolen funds.
GMBL Computer, a DeFi gambling yield protocol launched on September 5th, was exploited in less than 24 hours, with the attacker making off with nearly 500 ETH. However, the story has a somewhat positive twist: The protocol team has identified the hacker and is in the process of recovering the stolen funds.
On September 6th, GMBL Computer reported that an attacker had spoofed a call to obtain a signature from their server. This signature was then used to pull almost 500 ETH worth of GMBL tokens out of the contract. At current market prices, this amounts to approximately $800,000. The protocol team was quick to clarify that this was not due to a contract vulnerability but was an off-chain issue.
We have recovered half the funds stolen from the hacker, to our multisighttps://t.co/m1skZVuRXI
Special thanks to @samczsun @cryptogle and the dozens of friends who stepped in at this critical moment to help us in this tough situation.
We are working on recovering the… — GMBL.COMPUTER (????, ♻️) (@gmblcomputer) September 6, 2023
The GMBL team announced that they had fully identified the hacker, thanks to their community's support. They even offered a bug bounty to the hacker, stating that they would not proceed with legal action if the stolen funds were returned. This led to some community members questioning the need for a public request for the return of the funds if the hacker was already identified.
A few hours after the exploit, GMBL reported that they had recovered half of the stolen funds. They asked the hacker to treat the situation as a white-hat scenario, requesting the return of 90% of the funds to their Arbitrum wallet and allowing the hacker to keep 10% as a bounty. The protocol threatened legal action if the funds were not returned by 9 pm EST the following day.
There were also claims of an inside job. Others questioned the legality of the DeFi gambling platform taking legal action.
The GMBL token's value plummeted by 75% following the exploit. Despite this setback, the protocol aims to generate yields for stakers by sending house profits to them. It had even jumped onto the "racing hamster" trend, offering gambling and a share of the winnings to its users.