Osmosis, a decentralized exchange created by using CosmosSDK, was drained for some $5 million. The exploit was made possible because of a critical bug in Osmosis’ system.
The $5 million worth of OSMO tokens was procured from Osmosis’ liquidity pools. While the liquidity pools were not completely drained, Osmosis has halted the blockchain until this bug is fixed.
The bug allowed users to withdraw 50% more than what they’ve deposited, in the process of providing liquidity to Osmosis’ liquidity pools. This was possible to do without a bonding period whatsoever, meaning there was no period over which the funds were locked.
One user exploited this bug more than 30 times, with numerous accounts. They decided to stop exploiting the bug once they’ve collected the $5 million.
The OSMO token is now down 6.58%. It trades at $1.07. According to CoinMarketApp, the token reached its all-time high value in March 2022, when it traded at $11.21, meaning that it is now 90% cheaper.