Tuesday, November 28, 2023

Osmosis hit by hackers, loses $5 million.

Osmosis is the latest to suffer a loss to the tune of $5 million after hackers exploited a liquidity provider (LP) bug. The incident happened when a user, Straight-Hat3855, posted about the vulnerability on Reddit. The user said there is a serious problem with Osmosis that allowed users to grow LPs by 50% just by adding and removing liquidity.

The Reddit post was removed quickly but it had already caught the attention of malicious actors who took advantage and struck. As such, $5 million was removed from the liquidity pools on the Osmosis exchange. The exploitation halted the platform at a block height of 4,713,064.

RoboMcGobo, a project moderator, had detailed the flaw in a series of posts in the Osmosis Discord. He had outlined how the vulnerability allowed hackers to add liquidity to any Osmosis LP and immediately withdraw it for a 150% return on their initial deposit. The project moderator wrote that the function would give 50% too many LP shares for a join. He said that if one should have gotten 10 LP shares, 15 would be achieved out.

The moderator pointed out that the bug was exploited intentionally by a small number of users, and unintentionally by a few others. Four attackers, as per a Twitter thread from Osmosis, were responsible for 95% of the total exploit amount. Two attackers voluntarily stepped forward to return the stolen funds.

Firestake, a validator in the Cosmos ecosystem, admitted through a tweet that a temporary lapse in good judgment saw two members of its team exploit the bug whereby the exchange lost roughly $2 million. It said they were thinking about their family’s future when they continued to exploit the bug. But they decided to voluntarily return the funds after stressing through the night.

Cryptured Team
Cryptured Team
The writers team at Cryptured.com is composed of passionate and experienced journalists who cover the latest developments in the crypto and blockchain space. They aim to provide accurate, unbiased and easy-to-understand news and information for their readers, as well as insights and analysis from industry experts. The writers team is always on the lookout for new and exciting stories that can help the general public learn more about the potential and challenges of these technologies.

Most Popular