Odin.fun, a Bitcoin-based memecoin launchpad, has frozen trading and withdrawals after its deposits dropped nearly 20% in under two hours, raising concerns about a major security breach.
The alarm was first raised by X user ‘@web3xiaoba,’ who flagged that the platform’s Bitcoin (BTC) deposits had fallen from 291 BTC to 232.8 BTC—a loss of roughly 58.2 BTC, worth around $7 million. The account identified two addresses allegedly involved and claimed the exploit was carried out by manipulating liquidity pools to extract BTC without leaving paired assets.
Founder Bob Bodily confirmed on X that the platform had paused all trading “to ensure we can protect user funds” while investigating the withdrawals. In a detailed update, he acknowledged, “Today we discovered a major exploit in our liquidity AMM which was introduced in our latest update. Several malicious users, primarily linked to groups in China, took advantage of this vulnerability to steal a significant amount of BTC from the platform.”
Bodily said the company treasury is not large enough to cover the losses but assured that the remaining funds are safe. A top-tier security and auditing team has been engaged to conduct a full code audit, which could take up to a week.
The company has contacted U.S. law enforcement and is cooperating with OKX and Binance, which have engaged authorities in China. Bodily warned those in possession of the stolen BTC to return the funds immediately, stating, “This is not a negotiation.”
Blockchain security firm PeckShield confirmed the drain, noting attackers added liquidity using tokens such as $SATOSHI, artificially inflated token prices, and then removed liquidity to receive BTC.
This is not Odin.fun’s first security scare. In April 2025, the platform suffered a breach after Bodily’s account was compromised, leading to the unauthorized clearance of assets. That incident had split the community between those sympathetic to Bodily and others skeptical of his account.
Following the latest breach, ODINDOG, the platform’s token, slumped about 40%, with other tokens on the platform also affected. Some Internet Computer (ICP) developers have pointed to a past flaw in the “Sign-In With Bitcoin” canister as a possible vector, though it remains unclear if it played a role this time.
Odin.fun has not provided a timeline for resuming withdrawals or trading. In a sector where reputation is as critical as security, the platform now faces the challenge of rebuilding trust in the volatile memecoin market.
Also Read: Qubic Pool’s 51% Attack on Monero Appears Successful: Slowmist
