Osmosis Hit by $5M Exploit

Must read

The ‘Brussels Effect’ wields real influence over US crypto regulation

The right to privacy is enshrined in many legal traditions around the world. In the United States, it’s protected by the Fourth Amendment; in...

Lack of ‘qualified people’ without more Web3 education, say academics

Australian blockchain academics and educators have called for more robust Web3 education in schools, preparing students for a world that will be dominated by...

Warner Music Group partners with OpenSea to create more Web3 opportunities for artists

The company stated that select artists can launch their NFT collections and limited-edition projects on their own dedicated drop pages. 1174 ...

Market manipulation claims will be hardest ‘nut to crack’ in Bitcoin ETF approval — WisdomTree

“We’re all kind of watching this and seeing what’s going to happen,” said WisdomTree's Will Peck on spot Bitcoin exchange-traded funds in the...

Osmosis, a decentralized exchange built on Cosmos, was hacked for roughly $5 million, leading to an emergency halt of the entire Osmosis blockchain.

Osmosis homepage
Osmosis homepage

The major defect that led to the attack was initially revealed by a community member posting on the Osmosis subreddit under the username Straight-Hat3855. “There is a big problem with osmosis,” they warned, claiming that adding liquidity to the decentralized exchange and quickly withdrawing it resulted in customers receiving 50 percent more tokens than they had deposited.

Other community members began depositing and withdrawing liquidity after expressing doubts about the user’s claims, only to discover that the exploit worked exactly as claimed. According to Osmosis, roughly $5 million of the exchange’s entire locked value of $212.77 million was drained before the developers suspended the blockchain for emergency maintenance.

However, the blockchain’s validators responded and organized the emergency halt within 12 minutes of the attack being identified, according to pseudonymous Osmosis senior analyst RoboMcGobo. If the engineers had not halted the chain, malicious users might have continued to use the exploit to drain the exchange’s total liquidity.

According to a tweet from the Osmosis official account, the “bug has been identified and a patch written.” “More testing is underway before validators are recommended to coordinate a restart,” the team promised, stating that a complete problem report and action plan would be coming soon.

Update: The bug has been identified and a patch written.

More testing is underway before validators are recommended to coordinate a restart.

Full bug report and action plan for more thorough and proper end to end testing of chain upgrades to follow in coming days. https://t.co/DjJMOEQxrT

— Osmosis 🧪 (@osmosiszone) June 8, 2022

Approximately an hour after Osmosis’ comment on the assault, FireStake, a validator in the Cosmos ecosystem, tweeted that two employees exploited the flaw to the tune of $2 million owing to “a brief lapse in good judgment.”

When FireStake discovered the flaw, they tweeted to their 1,700 followers that they were “considering [their] family’s future.” They willingly returned the funds and “put things straight” after confessing to “stressing through the night” about the matter.

Dear @osmosiszone community, many of you know about the Osmosis LP bug that occurred yesterday.

In disbelief of it being real, two members of @fire_stake started testing to see if the bug existed, testing grew into a temporary lapse in good judgment, and…

— FireStake | Validator (@stake_fire) June 8, 2022

According to Osmosis co-founder Sunny Aggarwal, the other two hackers involved in the crime made a series of transfers to centralized exchanges, which Aggarwal believed would make it easier to hunt them down.

RoboMcGobo reacted to  Aggarwal’s statements in the project’s Discord: “Funds have been linked to CEX accounts. Law enforcement has been notified,” RoboMcGobo wrote. “We’re hopeful that the exploiters will do the right thing here so that aggressive action will not be necessary.”

Osmosis is a decentralized exchange in the Cosmos ecosystem and, like other Cosmos SDK chains such as Secret Network, is interoperable with the entire Cosmos ecosystem. According to DeFi Llama data, despite hosting only one decentralized application, Osmosis is the second-largest Cosmos-based blockchain by total value locked.

The OSMO token fell around 2.3% in response to the revelation, falling from about $1.19 before the exploit to $1.03 at the time of writing.

Understanding How to Safeguard Your Cryptocurrency Against Theft and Hacking

The potential security risks associated with owning digital assets may have discouraged some investors from participating in the cryptocurrency market at all. Indeed, as the cryptocurrency market evolves at a breakneck pace, so are the tactics used by cybercriminals to steal tokens. On the other hand, watchful crypto investors can take cybersecurity measures to safeguard their assets, avoid scams, and keep hackers at bay.

Wallets Are Essential

Many investors buy popular digital currencies, such as Bitcoin or Ethereum, through a crypto exchange and keep the assets on that exchange. Although crypto exchanges have their own security mechanisms in place to prevent theft, they are not immune to cyber-attacks.

Investing in a cryptocurrency wallet is one of the best ways to protect your assets. Wallets are classified into two categories i.e.hardware and software wallets. Although new designs are constantly being introduced, hardware devices are the more secure option.

Coinbase Wallet 

Coinbase wallet
Coinbase wallet page

Coinbase Wallet is an excellent choice for beginners as it’s an easy-to-use and secure wallet supported by a well-known exchange.

The app can link to most major bank accounts and offers a friendly and easy-to-use interface with a basic three-tab structure and easily distinguishable functionalities. Coinbase Wallet can hold non-fungible tokens (NFTs) and digital collectibles in addition to over 500 crypto assets.

Understanding the difference between the Coinbase exchange and the Coinbase wallet is vital. The Coinbase wallet can be used without registering with the exchange. It’s non-custodial, meaning private keys are held on your device rather than on Coinbase’s servers; therefore, you don’t have to be concerned about your funds being frozen or exposed to a website hack.

CoinStats Wallet

CoinStats wallet

CoinStats is a crypto portfolio manager and DeFi wallet allowing crypto enthusiasts to sync and track all their cryptocurrency holdings in one app. CoinStats supports over 8000 coins and various blockchain networks, including Bitcoin, Ethereum Mainnet, Binance Smart Chain, Polygon, and Avalanche. It allows you to securely export your private keys, giving you complete control over your crypto and DeFi portfolio.

You can purchase cryptocurrency with a credit card and swap as much as you like with minimal CoinStats Swap fees. 

If you want to trade on cryptocurrency exchanges actively, you can retain your assets on the platform throughout the trading day, but once it’s over, you should move your coins to a non-custodial wallet, such as CoinStats Wallet, to ensure their safety.

Exodus Wallet

Exodus Wallet
Exodus Wallet

Exodus is an excellent desktop crypto wallet, famous for its transaction speed, ease of use, and extensive client features.

Exodus is one of the most visually appealing and user-friendly wallets. It was formerly a desktop-only wallet, but now it offers iOS and Android apps and is compatible with Trezor hardware wallets. Nonetheless, the desktop wallet program remains the wallet’s fundamental feature and is updated every two weeks.

Exodus supports a wide range of cryptocurrencies, including well-known coins like Ether, Litecoin, XRP, Bitcoin Cash, and famous meme currencies like Dogecoin and Shiba Inu.

Ledger Nano X 

Ledger Nano X is a popular hardware wallet with a large number of supported currencies, excellent security requirements, and mobile trading features.

Ledger homepage
Ledger homepage

Ledger’s first wallet, the Ledger Nano S, a feature-packed and highly secure cold wallet, spurred the company’s early success. The Ledger Nano X builds on the success of the Nano S by including a built-in battery, Bluetooth connectivity, and enhanced asset management capabilities.

The Ledger Nano X costs $119. The wallet supports over 1,800 currencies and tokens and can manage up to 100 of them simultaneously via the device’s apps. The Nano X’s Bluetooth Low Energy connectivity can be disabled at any time, allowing the Nano X to be used with the Ledger Live software on Android or iOS to trade cryptocurrency on the go.

Closing Thoughts

The cryptocurrency space is constantly evolving, and you solely must safeguard your digital assets by using a software or hardware wallet. Always stay updated with the latest security news, attack methodologies, and defense measures.

You can also visit our CoinStats blog to learn more about wallets, cryptocurrency exchanges, portfolio trackers, tokens, etc., and explore our in-depth buying guides on how to buy various cryptocurrencies, such as How to Buy BitDAOWhat Is DeFi, How to Buy Cryptocurrency, etc.

Investment Advice Disclaimer: The information contained on this website is provided to you solely for informational purposes and does not constitute a recommendation by CoinStats to buy, sell, or hold any securities, financial product, or instrument mentioned in the content, nor does it constitute investment advice, financial advice, trading advice, or any other type of advice.

Cryptocurrency is a highly volatile market and sensitive to secondary activity, do your independent research, obtain your own advice, and only invest what you can afford to lose. There are significant risks involved in trading CFDs, stocks, and cryptocurrencies. Between 74-89% of retail investor accounts lose money when trading CFDs. You should consider your circumstances and obtain your advice before making any investment. You should also verify the nature of any product or service (including its legal status and relevant regulatory requirements) and consult the relevant regulators’ websites before making any decision.

More articles

Latest article

The ‘Brussels Effect’ wields real influence over US crypto regulation

The right to privacy is enshrined in many legal traditions around the world. In the United States, it’s protected by the Fourth Amendment; in...

Lack of ‘qualified people’ without more Web3 education, say academics

Australian blockchain academics and educators have called for more robust Web3 education in schools, preparing students for a world that will be dominated by...

Warner Music Group partners with OpenSea to create more Web3 opportunities for artists

The company stated that select artists can launch their NFT collections and limited-edition projects on their own dedicated drop pages. 1174 ...

Market manipulation claims will be hardest ‘nut to crack’ in Bitcoin ETF approval — WisdomTree

“We’re all kind of watching this and seeing what’s going to happen,” said WisdomTree's Will Peck on spot Bitcoin exchange-traded funds in the...

Judge orders SEC to turn Hinman documents over to Ripple Labs after months of dispute

U.S. District Court Judge Analisa Torres overruled the SEC’s second attempt to withhold the documents relating to former Division Director William Hinman, who...