Loading...

$5 million stolen from Osmosis DEX after attackers exploit a bug

$5 million stolen from Osmosis DEX after attackers exploit a bug
Photo Credit: 123RF.com
9 Jun, 2022
Loading...

In yet another attack on the crypto industry, Osmosis (OSMO), a decentralized exchange (DEX), was targeted and cryptos worth $5 million were stolen, reported Cointelegraph. Stolen assets worth $2 million have already been recovered.  

The attackers exploited a liquidity provider (LP) bug that allowed them to manipulate LPs by adding and removing liquidity. One of the Osmosis moderators, called RoboMcGobo on the exchange’s Discord, said that the flaw allowed attackers to add liquidity to Osmosis LP and withdraw it for a 150% return. 

After the detection of the breach, the Osmosis chain was halted to prevent further exploits. “The chain has temporarily halted due to technical issues caused during the recent update. The bug has been fixed and devs and validators are preparing to restore the chain,” the exchange said in a notification on its website. 

Loading...

Osmosis also said that it has identified the attackers. Four individuals have been identified who accounted for 95% of the realised exploit amount. Two of the four individuals intend to return the exploited amount in full, the exchange said in the Twitter thread.

To identify the remaining exploiters and recover the funds, Osmosis said that it has alerted other exchanges. “Law enforcement has also been notified with the intent to investigate further,” the exchange added.  

Built on the Cosmos network, Osmosis is a decentralised peer-to-peer exchange that allows users to create liquidity and trade Inter-blockchain communication (IBC) enabled tokens. It allows heterogeneous exchanges to communicate and exchange assets such as tokens by sending packets of information through dedicated channels using smart contracts. 

Loading...

This makes different exchanges interoperable. 

Osmosis is a proof of stake blockchain, which allows its users to provide liquidity and natively stake the tokens. 

Attacks on crypto exchanges and wallets have soared in the last few months due to the growing value of cryptos and the volume of crypto transactions. According to a December report by Crystal Blockchain, more than $4 billion worth of cryptocurrencies were stolen in 2021. 

Loading...

In March, attackers stole cryptos worth $625 million from the Ronin Network, a sidechain of the Ethereum network for the play-to-earn blockchain game Axie Infinity.