Latest Posts

Attackers drain $5 million from Osmosis; FireStake Validator admits to exploiting LP bug

- Advertisement -


👋 Do you want to work with us? Cryptooshala is recruiting for several vacancies!

June 7 someone posted Reddit thread which was later removed by a forum moderator. There was a serious complaint in the thread – there was a bug in the Osmosis network that allowed liquidity providers to earn an additional 50% when adding and withdrawing liquidity.

- Advertisement -

Osmosis (OSMO) is a blockchain in the Cosmos ecosystem that offers a decentralized exchange and wallet.

- Advertisement -

The claim seemed unbelievable until the network was shut down for emergency maintenance.

- Advertisement -

While the Osmosis team did not acknowledge the exploit at the time, the stop came after several attackers had spent around $5 million.

The Osmosis team has identified a bug and has developed a fix that is being tested before deployment. Developers are still working on restarting the network.

Here is how the attackers managed to exploit the network, as evidenced by the activity on the network:

A Twitter user pointed out in a thread that one of the attackers added liquidity in the form of USD Coin (USDC) and OSMO. The attacker then received GAMM LP tokens in return, which represented his share of the pool. These criminals immediately withdrew the GAMM LP tokens, thus receiving 50% more than the amount of USDC and OSMO that were added as liquidity.

The attacker then exchanged OSMO tokens for ATOM and sent them to other wallets. The same process was repeated over and over again – each time the attacker received 50% more tokens.

Most of the proceeds from OSMO were exchanged for ATOM and transferred to a wallet containing $9 million worth of ATOM tokens, according to a Twitter post. However, there were no USDC tokens in this wallet, which the attacker received using the error – USDC tokens were neither exchanged nor transferred, the thread added.

Osmosis identifies intruders; FireStake is coming out

According to Osmosis’s Twitter post, four attackers were identified as key perpetrators, stealing more than 95% of the amount used. Two of the four attackers volunteered to return the stolen funds in full. The other two have transactions with centralized exchanges that have been alerted in order to identify the perpetrators and return the funds.

Just an hour after Osmosis’s tweet about the attackers, FireStake – a validator in the Cosmos ecosystem – posted a tweet and admitted to exploiting the LP bug, but noted that they were trying to “fix the situation” and were working with the Osmosis team. return the funds used.





Credit : cryptoslate.com

- Advertisement -

Latest Posts

Don't Miss