13.08.2025 18:52

A significant security breach has impacted Odin.fun, a Bitcoin-based memecoin launchpad, resulting in the theft of approximately $7 million worth of Bitcoin (58.2 BTC). This incident, discovered on Wednesday, has left the platform’s treasury unable to fully compensate affected users, according to co-founder Bob Bodily. Trading has been temporarily suspended to facilitate a thorough code audit, expected to last up to a week.

Bob Bodily confirmed the platform's inability to cover user losses from its treasury, though he reassured users that remaining funds are secure following the trading halt. He attributed the exploit to a vulnerability introduced in a recent update to the platform's liquidity automated market maker (AMM). Exploiting this weakness, a group of malicious actors, primarily linked to China, manipulated the platform to steal the considerable sum of Bitcoin.

On-chain analysis by PeckShieldAlert points to a weakness in the smart contract's design as the root cause. The attackers leveraged the recently implemented liquidity pool upgrade. Their strategy involved adding liquidity to a meme token on Odin.fun, artificially inflating its value to attract unsuspecting traders. This created the illusion of a bull market, enticing further participation.

Following this manipulation, the attackers swiftly withdrew the stolen Bitcoin from the liquidity pools, triggering a sharp devaluation of the affected tokens. This cleverly executed attack highlights the critical need for robust security measures in decentralized finance (DeFi) platforms, underscoring the ongoing risks associated with smart contract vulnerabilities and the need for rigorous auditing processes. The incident underscores the increasing sophistication of attacks targeting cryptocurrency platforms and the importance of proactive security measures.