Memecoin Launchpad Odin.fun Suffers $7M Liquidity Exploit

CN
coindesk
Follow
1 hour ago


Hackers drained 58.2 bitcoin (BTC), worth about $7 million, from memecoin launchpad Odin.fun in a sophisticated liquidity manipulation exploit that is being linked to China-based hacking groups.

The attack targeted the Bitcoin-based memecoin launchpad’s automated liquidity market-making system, which co-founder Bob Bodily later described as having a critical vulnerability.

Blockchain data shows the platform’s bitcoin reserves plummeted from 291 BTC to 232.8 BTC in under two hours amid the attack.

“Today we discovered a major exploit in our liquidity AMM which was introduced in our latest update,” Bodily said in an X post following the attack. “Several malicious users, primarily linked to groups in China, took advantage of this vulnerability to steal a significant amount of BTC from the platform.”

Attackers exploited Odin’s liquidity pool by depositing a worthless token like SATOSHI alongside BTC, setting an inflated price ratio in the thin market. By manipulating the pool’s math — often through self-trading or over-weighted deposits — they made the token appear far more valuable in BTC terms.

They then withdrew liquidity, receiving large amounts of real BTC at the fake price, draining 58.2 BTC from the pool.

This pump-and-drain worked because automated market makers rely purely on internal supply ratios, not external price checks, making them vulnerable when pools are shallow or poorly secured.

Bodily said the incident involved multiple threat actors, many tied to Chinese groups, working in coordination to exploit the flaw. The breach was first flagged by a community member who noticed the unusual liquidity movements, prompting an immediate freeze on suspicious accounts.

While the platform’s remaining funds are “safe,” Bodily admitted Odin’s treasury isn’t large enough to fully absorb the losses, forcing the team to prepare what he called a “concrete plan” to compensate affected users.

“We have ideas… we’ll share details as soon as they are finalized,” he said on X, adding that the plan is being shaped alongside a full audit from a security firm in a process expected to take up to a week.

The Odin.fun team has contacted U.S. law enforcement and is coordinating with Binance and OKX, both of which have engaged Chinese authorities to track and potentially freeze the stolen funds.

Read more: Indian Crypto Exchange CoinDCX Suffers $44M Hack


免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。

限时狂撒18万U,注册即享1500U福利!
Ad
Share To
APP

X

Telegram

Facebook

Reddit

CopyLink