Double your money in a few clicks: a defect has been discovered in Osmosis DEX

Hackers claim a new victim. Osmosis is a blockchain from the Cosmos ecosystem developed by Osmosis Labs. In practice, it hosts Osmosis DEX, one of Cosmos' main decentralized exchange platforms. That platform was recently shaken after a flaw resulted in a $5 million loss.

Osmosis DEX: Double your money in a few clicks

On June 8, user Straight-Hat3855 from the subreddit /r/cosmosnetwork alerted the community to a strange problem affecting the Osmosis decentralized exchange. Specifically, he had discovered a bug affecting the balance of the liquidity pools.

“Go put $5 in pool 1. Add cash, then withdraw cash. Now you have $15.”

The surprising message baffled many netizens, who were convinced that it could not be true. Even so, many of them went to verify Straight-Hat3855's claims by trying it themselves.

To their surprise, his claims were well-founded. After this discovery, many users began to repeat the process in order to easily double their money.

In fact, unlike most DeFi bugs, which require flash loans or an advanced understanding of smart contracts, anyone could exploit this bug.

This is especially the case for the address osmo1hq, which repeated the maneuver dozens of times. On each iteration, it was able to recover 50% more than the amount initially deposited.

Example of two operations to add liquidity and then withdraw it with a profit of 50%.

5 million stolen: Osmosis had to halt the chain

It is clear that many users applied the same technique as osmo1hq. As a result, more than 5 million dollars was withdrawn from the Osmosis DEX liquidity pools.

Shortly after the events, the Osmosis team announced the flaw on Twitter. They also decided to halt the Osmosis chain for as long as it took to correct the error, so that the losses would not grow any further.

“Hello Osmosis friends. Since block 4713064, the Osmosis chain has been closed for emergency maintenance. At this time, the DEX and Osmosis Wallet are not working until the repairs are completed.”

After investigation, the team said the error was relatively minor: a miscalculation of LP shares when adding and removing liquidity. It is hard to see how such a trivial bug could pass the code testing stages.

As for the losses, Osmosis announced that all losses will be covered. To do this, the team is counting on recovering part of the stolen funds. The lost money will be charged to the developers' treasury fund.
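The kind of regression test that catches a share miscalculation like the one described above, as an added example that is not Osmosis code. It uses a constructed single-asset pool model in Go, with a hypothetical `OverMinting` calculation chosen only to reproduce the 50% figure reported in the article, and checks the invariant that joining and immediately exiting must never pay out more than was deposited.

```go
package main

import "fmt"

// Pool is a constructed single-asset pool model, not Osmosis code.
type Pool struct{ Reserve, Shares uint64 }

// ShareCalc decides how many LP shares a deposit mints.
type ShareCalc func(p Pool, deposit uint64) uint64

// Proportional mints shares in proportion to the deposit's part of the reserve.
func Proportional(p Pool, deposit uint64) uint64 { return deposit * p.Shares / p.Reserve }

// OverMinting is a hypothetical faulty calculation that credits 50% too many
// shares, chosen only to match the gain reported in the article.
func OverMinting(p Pool, deposit uint64) uint64 { return Proportional(p, deposit) * 3 / 2 }

// Join adds the deposit to the reserve and mints shares for it.
func (p *Pool) Join(deposit uint64, calc ShareCalc) uint64 {
	minted := calc(*p, deposit)
	p.Reserve += deposit
	p.Shares += minted
	return minted
}

// Exit burns shares and pays out the matching fraction of the reserve.
func (p *Pool) Exit(shares uint64) uint64 {
	out := shares * p.Reserve / p.Shares
	p.Reserve -= out
	p.Shares -= shares
	return out
}

// RoundTripViolations returns every deposit for which joining and then
// immediately exiting pays out more than was put in. It must be empty.
func RoundTripViolations(calc ShareCalc, deposits []uint64) []uint64 {
	var bad []uint64
	for _, d := range deposits {
		p := Pool{Reserve: 1_000_000, Shares: 1_000_000} // fresh constructed pool
		if out := p.Exit(p.Join(d, calc)); out > d {
			bad = append(bad, d)
		}
	}
	return bad
}

func main() {
	deposits := []uint64{5, 100, 10_000} // constructed sample deposits
	fmt.Println("proportional:", RoundTripViolations(Proportional, deposits))
	fmt.Println("over-minting:", RoundTripViolations(OverMinting, deposits))
}
```

Run as a unit or property test over many deposit sizes and pool states, an empty result is the pass condition; any entry means shares were credited for value that was never deposited.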

One of the validators takes part in the attack

While the case seemed under control, a new development occurred. A few hours after the events, the company FireStake, which offers validation services for the Osmosis network and many others in the Cosmos ecosystem, made an announcement that was surprising to say the least.

FireStake announced that it had also taken advantage of the bug detected in Osmosis DEX. In total, it was responsible for siphoning off 2 million dollars.

“Disbelieving that the bug existed, two members of FireStake began testing to see if the bug existed. The test turned into a temporary error in judgment. In the process, we were able to convert $226 into approximately $2 million. We were thinking about the future of our family, not our community.”

Out of remorse, the FireStake team decided to make its wrongdoing public and announced that it had contacted the Osmosis team to return the stolen funds.

A situation that reads like fiction: a validator, which is supposed to secure the network and which users trust by delegating their funds to it, is able to exploit a loophole and is the source of nearly half of the stolen funds.

On Ethereum, a white hat managed to take 70,000 ETH after discovering a vulnerability, in order to put it in a safe place. In exchange for saving over $120 million, he received a generous bounty of 6 million dollars.
