Levana Protocol, a decentralized finance (DeFi) platform operating on the Osmosis blockchain, lost millions of dollars due to security abuse.
Levana Protocol, $1.1 million fell victim to a security breach. Osmosis blockchain Due to a late discovered error on the platform operating on for 13 days was the target of the attackers. After the abuse was noticed, the vulnerability was closed.
Attacker, Between 13 December and 26 December In other words, thanks to the vulnerability exploited for 13 days, Levana’s liquidity pools were destroyed. managed to drain 10%. The team emphasized that existing futures positions or profits were not affected by the attack.
In the report submitted about the abuse, it was stated that the attacker said:congestion attackIt was stated that they used the ” method. This type of attack overwhelmed the capacity of the network, preventing normal transactions, making it difficult for Levana users to interact with the markets. Taking advantage of the vulnerability, the attacker emptied the pools in parts over a 13-day period:
A bug in the Osmosis market code meant that during busy times the transaction fee provided was often insufficient to make transactions or perform ongoing bot maintenance activities. There is no security vulnerability regarding the Pyth oracle. The Pyth oracle behaved exactly as expected.