Osmosis, a proof-of-stake (PoS) blockchain featuring a decentralized exchange (DEX) application within the Cosmos (ATOM) ecosystem, has fallen victim to an exploit resulting in approximately $5 million in losses. The project’s official Twitter account confirmed the hack but refuted claims that liquidity pools were entirely emptied. The tweet stated, “Devs are fixing the bug, scoping the size of losses (likely in the range of ~$5M), and working on recovery.”
In response to the vulnerability, the network validators took the precautionary measure of halting the chain to prevent users from further exploiting the issue. A network validator known as ‘EmperorOsmo(Hathor Nodes)’ reported, “As of block #4713064, the Osmosis chain has been halted for emergency maintenance. At this time, the Osmosis DEX and Wallet are inoperable, until repairs are completed.”
The exploit in Osmosis was reportedly facilitated by a “critical bug” in the protocol’s liquidity pools, allowing users to increase their position by 50% simply by adding and removing liquidity from any pool. This bug had the potential to drain all liquidity pools within the platform.
On-chain transactions revealed that users had begun exploiting the vulnerability before the network was halted. For example, one address that “repeatedly executed the bug for more than 30 minutes” managed to abscond with around $75,000 worth of ATOM, according to user ‘Junønaut’.
As per DeFi Llama, Osmosis currently boasts a total value locked (TVL) of over $212.77 million.
The native token of the project, OSMO, has also been adversely affected by the recent exploit. The token is presently trading at $1.08, reflecting a 4.1% decrease over the past 24 hours. Over the past 7 days, it has seen a decline of 22%, and over the past month, it has dropped by 68%.