Blockchain Protocol Levana Hit by $1.1M Exploit
Levana, a platform for continuous exchange on the Osmosis blockchain, recently faced a significant setback, losing more than $1.1 million from its pool reserves due to a breach.
The breach unfolded across a 13-day period, starting on December 13 and culminating on December 26. During this time frame, nearly 10% of Levana’s liquidity pools were siphoned off by unidentified attackers.
The exploit took advantage of a congestion disruption that targeted the Osmosis chain, severely impacting Levana users’ ability to engage with the trading markets. The situation worsened due to a loophole in Osmosis’ fee market code and discrepancies in Levana’s integration with the Pyth oracle. These weaknesses provided the attackers with an opening to manipulate market prices and deplete the pools.
Levana stated, “The issue stemmed from a flaw in Osmosis’ fee market code, causing gas prices to inadequately support trades or maintenance during congestion periods.”
The team reassured users that the Pyth oracle functioned as intended, with no identified vulnerabilities.
In response to this incident, Levana is actively developing a solution that will be implemented through a comprehensive code upgrade across all platforms where Levana operates, including Osmosis, Sei, and Injective.
READ MORE: UK Regulators Scrutinize Microsoft-OpenAI Alliance Amid Tech Giant Probe
While the exploit has not impacted existing trade positions or profits, Levana has temporarily paused the initiation of new positions or modifications to current ones until an upcoming scheduled update next week.
To address the impact on affected liquidity providers, Levana plans to compensate them by conducting an airdrop and distributing protocol fees collected during the period of the attack.