Gala Games Faces Internal Control Failure Leading to $200 Million Token Exploit

by

As a researcher with a background in blockchain security, I find the recent security breach at Gala Games deeply concerning. The unauthorized minting and sale of $29 million worth of GALA tokens is not only a significant financial loss for the company but also a blow to its reputation.

Internal control lapses at Gala Games led to a major security incident, allowing for the unauthorized creation and selling of $29 million worth of GALA tokens.

Security Breach Shakes Gala 

A significant security incident occurred at Gala Games, a blockchain gaming company founded by Eric Schiermeyer of Zynga, resulting in a substantial financial loss. This was disclosed in a public post on May 21st. The breach involved the misappropriation of their GALA tokens.

“We’ve identified and resolved the unique occurrence that led to this security intrusion. Collaborating closely with law enforcement, we’re diligently investigating those responsible.”

As a researcher delving into the blockchain world, I came across an intriguing discovery on Monday. An unknown entity had minted an astonishing 5 billion GALA tokens, valued around $200 million at the time. Before detection, this malicious actor managed to sell a portion of these tokens, specifically 600 million, on Uniswap, a decentralized exchange. However, once the compromised wallet was identified and frozen by Gala Games, the remaining 4.4 billion tokens became unsellable, effectively burning them.

Slow Initial Response and Investigation

As a researcher specializing in smart contracts and security auditing, I, 0xQuit, first raised concerns about suspicious activity on Twitter regarding Gala Games. Initially, there was no official announcement from the team about this matter, and they didn’t offer any clarification on their Discord server. This lack of communication fueled growing apprehensions within the community that a potential hack might have occurred.

In a subsequent statement, CEO Eric Schiermeyer admitted to internal control failures. 

Our internal safeguards malfunctioned, leading to this unfortunate incident. This should never have transpired, and we’re taking swift action to prevent such occurrences in the future. We’ve pinpointed the source of the problem and are collaborating with the FBI, DOJ, and a global network of law enforcement agencies to address it.

The company is collaborating with organizations such as the FBI and the U.S. Department of Justice, along with international partners, in their efforts to identify the person responsible.

Impact on GALA Token

As a crypto investor, I’ve experienced a significant setback with the value of my GALA tokens taking a hit following a security breach. The sudden decline was fueled by fear and uncertainty, with the team’s initial silence only adding to the turmoil. Consequently, the price of GALA dropped approximately 20% from around $0.048 to $0.038, based on data from CoinGecko. The attacker successfully made off with an impressive profit of roughly $29 million from this exploit. However, the market has shown signs of recovery, with GALA’s price rebounding to around $0.04, and Ethereum experiencing a 20% surge, which in turn has contributed to a broader upswing in the crypto market.

As a crypto investor in GALA, I want to assure you all that our main Ethereum contract for this project is rock-solid and secure.

As a researcher studying the $GALA project, I can assure you that the associated Ethereum contract is securely managed through a multi-signature wallet. This wallet setup ensures that no single entity has control over the funds, adding an extra layer of protection against potential breaches or unauthorized access. Consequently, the contract has remained untouched and uncompromised throughout its existence.

Read More

2024-05-21 15:14