Odin.fun Loses $7M in BTC After Liquidity Pool Exploit Linked to China-Based Hackers
Bitcoin-based memecoin launchpad Odin.fun has suffered a $7 million loss after attackers exploited a critical flaw in its automated market-making (AMM) system, draining over 58 BTC through a targeted manipulation of liquidity pools.
The exploit, which took place within a two-hour window, allowed hackers to deposit near-worthless tokens such as SATOSHI alongside bitcoin into Odin’s liquidity pool. By skewing token ratios in the platform’s thin markets, attackers artificially inflated the value of the lesser token relative to BTC. This enabled them to withdraw significant quantities of real bitcoin at inflated rates.
“This was a major exploit introduced in our most recent update,” co-founder Bob Bodily confirmed on X. “The attack was carried out by multiple malicious actors, many of whom are believed to be connected to organized groups in China.”
On-chain data revealed the platform’s BTC reserves plunged from 291 BTC to just 232.8 BTC during the breach. Odin’s AMM, like many others, relies solely on internal supply ratios rather than external market references, making it vulnerable to manipulation when liquidity is low.
The incident was first detected by a community member who flagged abnormal liquidity activity, prompting Odin to freeze suspicious accounts and begin an investigation. While remaining funds have been secured, Bodily acknowledged the project’s treasury is not sufficient to fully cover losses.
Odin is now working on a compensation plan for affected users, with details expected following a full audit by a third-party security firm. The team has also contacted U.S. law enforcement and is collaborating with Binance and OKX, who are reportedly in touch with Chinese authorities in an effort to trace and freeze the stolen funds.
