The exploit allowed attackers to withdraw $1 million from the Levana protocol
The perpetual swap protocol on the Osmosis Levana blockchain fell victim to an exploit, resulting in the loss of more than $1.1 million from its liquidity pools.
According to the team, the exploit was used for 13 days, causing attackers to steal 10% of the protocol's liquidity pools between December 13 and December 26.
The attackers took advantage of the Osmosis network congestion attack, which made it difficult for Levana users to interact with the markets. The situation was exacerbated by a bug in the Osmosis fee market code and “legacy prices” in Levana’s integration with the Pyth oracle, which allowed attackers to manipulate prices and drain pools.
