Cryptocurrency meme coin platform Odin.fun suffers $7 million loss due to liquidity exploit
In a recent incident, the cryptocurrency trading platform Odin.fun fell victim to a liquidity manipulation attack, resulting in the loss of approximately 58.2 BTC, equivalent to around $7 million. This attack, confirmed by third-party security researchers, exploited vulnerabilities in the platform's automated market-making (AMM) system.
The attackers artificially inflated the price of a meme coin called SATOSHI within the liquidity pool on Odin.fun. By exploiting the AMM's price formula, which depends on token ratios, they were able to withdraw more valuable assets like Bitcoin at inflated prices. This sudden withdrawal caused a significant drop in Odin.fun's Bitcoin reserves.
Liquidity manipulation attacks are a type of exploit that targets smart contracts or automated liquidity market-making tools in decentralised exchanges or DeFi platforms. These attacks often leverage shallow or poorly secured liquidity pools, making them particularly dangerous for platforms with less established security measures.
In this case, Ari Redbord of TRM Labs suggested that the attack on Odin.fun was due to a flaw introduced during an AMM update. The identity of the perpetrators remains unknown, but they are believed to be primarily linked to groups in China.
Odin.fun, a Bitcoin-based meme coin launchpad, launched in January 2025 to allow users to trade Bitcoin Runes, a type of fungible Bitcoin-based token. However, the platform's treasury is not large enough to cover the losses, and while the remaining funds stored in the platform are safe, the incident has raised concerns about the security and transparency of such platforms.
This is not an isolated incident. In 2022, DeFi platform Mango Markets lost around $116 million to a similar exploit. As the DeFi sector continues to grow, so too does the risk of such attacks, with criminals often targeting new or lightly audited protocols tied to high-volatility trading.
In light of the attack, Odin.fun has paused its operations and plans to resume next week after a full audit of its code. s0xToolman, a pseudonymous analyst at DeFi auditing tool Bubblemaps, commented on the simplicity of the exploit and said there's no excuse for the team not to know this could happen.
In response, Odin.fun's partners OKX and Binance are communicating with Chinese authorities regarding the incident. As the cryptocurrency market continues to evolve, it's crucial for platforms to prioritise security measures to protect themselves from such attacks.
- The cryptocurrency trading platform Odin.fun, which operates on Ethereum blockchain, uses web3 and decentralized finance (DeFi) for its operations.
- The attack on Odin.fun highlights the vulnerabilities of decentralized exchanges and DeFi platforms, especially those with less established security measures.
- In a highly publicized incident in 2022, the DeFi platform Mango Markets lost a substantial amount of capital, around $116 million, due to a similar exploit.
- The attack on Odin.fun involved the manipulation of a meme coin called SATOSHI within a liquidity pool, exploiting the platform's automated market-making (AMM) system.
- The perpetrators of the attack, who are believed to be linked to groups in China, were able to withdraw more valuable assets, like Bitcoin, at inflated prices due to the manipulated token ratios in the AMM's price formula.
- Cryptocurrencies like Bitcoin and Ethereum (ETH), as well as tokens like Bitcoin Runes (a fungible Bitcoin-based token), are commonly traded on these platforms, including Odin.fun.
- odin.fun's partners, OKX and Binance, are collaborating with Chinese authorities to investigate the incident and address any security concerns.
- In the aftermath of the attack, Odin.fun has paused its operations for a full code audit before resuming next week.
- As the cryptocurrency market expands and DeFi sector continues to grow, prioritizing strong security measures becomes increasingly important to protect platforms and maintain consumer trust in the technology and business of cryptocurrency.
