Hacking the Osmosis network
There was a bug in the Osmosis network, and a Reddit user pointed out in a post that anyone who deposited funds into a pool would earn an additional 50% when withdrawing them. Notably, the post has since been deleted.
Users quickly started stealing the funds, taking advantage of the situation. In one such case, a user provided liquidity of 101,230 OSMO and made a 50% profit from it, exiting the position with 151,084 OSMO tokens. This process was repeated almost 30 times.
The Osmosis network validators decided to report problems on Discord after the v9 Nitrogen upgrade, and the blockchain was shut down to save the remaining liquidity on the decentralized exchange.
For the moment, the Osmosis DEX and its native wallet remain inoperative. According to the network’s official Twitter account, “The software error that led to the channel going down was introduced in the latest Osmosis v9.0 update which went live yesterday.”
Transparency and open communication is what makes the Osmosis community so much stronger than before.
The software error that led to the channel stopping was introduced in the latest Osmosis v9.0 update which went live yesterday.
— Osmosis 🧪 (@osmosiszone) June 8, 2022
“Fortunately, the quick and decisive action taken by Osmosis validators and community members has resulted in the scope of the exploitation being relatively small. While the detailed calculation is still ongoing, the total amount of the overdraft is estimated to be around $5 million,” the network said.
About an hour after Osmosis’ statement about the assault, FireStake, a validator in the Cosmos ecosystem, posted a Twitter thread revealing that two members of its staff exploited the vulnerability to the tune of $2 million. In addition, all losses will be covered and information on the recovery plan will be disclosed shortly. The Twitter post added that “The bug itself was simple and involved the incorrect calculation of LP shares when adding and removing liquidity from pools. It should have been caught. It was painfully overlooked in internal testing that focused on more advanced features related to the upgrade.”
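The kind of regression check that catches a share-accounting error of this class is a round-trip invariant: depositing and immediately withdrawing must never pay out more than was put in. The following is an added example, not Osmosis code; the pool model, the function names and the over-minting variant are constructed for illustration and do not reproduce the actual v9 defect.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    reserve: int       # tokens held by the pool
    total_shares: int  # LP shares outstanding

def join_correct(pool, amount):
    """Mint shares in proportion to the deposit's fraction of the reserve."""
    minted = amount * pool.total_shares // pool.reserve
    pool.reserve += amount
    pool.total_shares += minted
    return minted

def join_overminting(pool, amount):
    """Constructed faulty variant: mints 50% more shares than the deposit warrants."""
    minted = amount * pool.total_shares * 3 // (pool.reserve * 2)
    pool.reserve += amount
    pool.total_shares += minted
    return minted

def exit_pool(pool, shares):
    """Burn shares and pay out their pro-rata slice of the reserve."""
    paid = shares * pool.reserve // pool.total_shares
    pool.reserve -= paid
    pool.total_shares -= shares
    return paid

def round_trip_violations(join, deposits, reserve=10_000_000, shares=1_000_000):
    """Return (deposit, withdrawn) pairs where join-then-exit breaks the invariant."""
    violations = []
    for amount in deposits:
        pool = Pool(reserve, shares)  # fresh pool per case, constructed starting state
        minted = join(pool, amount)
        withdrawn = exit_pool(pool, minted)
        # The depositor must not profit, and existing LPs must not lose reserve.
        if withdrawn > amount or pool.reserve < reserve:
            violations.append((amount, withdrawn))
    return violations

if __name__ == "__main__":
    sample_deposits = [7, 101_230, 1_000_003]  # constructed test amounts
    print("correct join:", round_trip_violations(join_correct, sample_deposits))
    print("faulty join: ", round_trip_violations(join_overminting, sample_deposits))
```

Running the same check across many deposit sizes and pool states, ideally as a property-based test in the release pipeline, gives upgrade testing a direct guard on join and exit accounting.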