Levana falls victim to a hack of over one million dollars:
- The Levana protocol has been hacked, resulting in a loss of over 1.1 million dollars.
- The attack, which lasted for 13 days, allowed an assailant to drain 10% of Levana’s liquidity pools.
- The attackers took advantage of a congestion attack on the Osmosis chain.
Details of a hack over one million dollars
Levana, a perpetual DEX on the Osmosis blockchain, has fallen victim to a major hack that reportedly occurred from December 13th to December 26th, resulting in losses of over one million dollars.
According to the available information, the attackers exploited a vulnerability related to a recent “congestion attack” on Osmosis, which hindered user interaction with Levana’s protocol markets.
Furthermore, another flaw in Osmosis’ “fee market” exacerbated the hack.
A bug in Osmosis’ fee market code meant that during congestion periods, the provided gas price was typically insufficient to carry out transactions or perform ongoing maintenance activities“
Levana stated on X
In total, the attackers drained more than 10% of the protocol’s liquidity pools.
Actions taken by the Levana protocol
As compensation, Levana plans to compensate affected liquidity providers through an airdrop and the distribution of collected protocol fees during the attack period.
Furthermore, Levana is currently working on an update to address the security flaws exposed by the attack, which will be implemented on all blockchains where the Levana protocol is currently used, namely Osmosis, Sei, and Injective.
It is also worth mentioning that the creation of new positions and modifications to existing positions have been suspended until the deployment of the fix.