The decentralized finance platform Levana Protocol confirmed on Dec. 27 that unknown attackers had drained approximately $1.14 million from the liquidity pool. The Levana team however insisted that the issue has “been fixed and opening positions will relaunch next week.”
‘Precognition Oracle Attacks’
The decentralized finance (defi) platform, Levana Protocol, recently confirmed that it was a victim of an oracle attack, in which approximately 10% or $1.14 million was drained from the liquidity pool (LP). However, in an update shared via X on Dec. 27, the Levana team insisted that the issue has already “been fixed and opening positions will relaunch next week.”
According to the update, the attack occurred 14 days earlier, and over 12 days, the hackers were able to drain approximately 4% off the LP. However, the attack increased significantly during Osmosis congestion on Dec. 26, resulting in an additional 5% drain. Initially, the Levana team attributed the resulting change in the profit and loss (PNL) to “organic trader profits and lack of effective cash.”
There have been 7 wallets identified as performing precognition oracle attacks on Levana during times of network congestion, it is assumed these are from one bad actor.
Read the report here: https://t.co/hqVZU8CpWS
Read below for more details:
— Levana Protocol (@Levana_protocol) December 27, 2023
At the time of writing, seven wallets, which are presumed to belong to a bad actor, were said to have performed “precognition oracle attacks” on the protocol during times of network congestion.
Impacted LPs to Receive Airdrop
Commenting on fears that hackers will continue to drain the LPs, the Levana team said:
“Existing LPs are not at risk of further exploit since opening new positions was paused yesterday morning. Impacted LPs will be compensated through future airdrops and protocol fees collected at the time of the exploit.”
Meanwhile, in a Medium post, the Levana team insisted that the protocol’s recent issues had “nothing to do with Osmosis as a chain itself.” Rather, the issues seem to stem from the limitations of the Cosmos software development kit (SDK) and Tendermint.
The team also revealed that, in addition to fixing the vulnerability, Levana will grant an airdrop to LPs impacted by the exploit. Furthermore, the affected LPs will receive a share of the fees collected during the attack window.
What are your thoughts on this story? Let us know what you think in the comments section below.