Orion Protocol suffered a total loss of $3 million on ETH and BSC. This was first visible on Twitter, followed by an announcement by Orion’s CEO. He, however, claimed that the harm that was done was contained to an internal broker account. In his statement, the user funds happen to be safe. Where Orion is concerned, it is a liquidity aggregator with the goal of bringing CEX liquidity on-chain. It also happens to be them who have been able to adequately address issues related to liquidity, custody, accessibility, and upgradeability through one platform.
Where the hacker is concerned, he utilized controlled swaps of flash-loaned stablecoins through fabricated deposits of the assets two times, followed by the withdrawal of the expanded balance. Further still and with the building of a fake token (ATK), and with the routing of a swap of the flash loaned funds with the help of ATK, a reentrancy hook going by the name of depositAsset lying with ATK’s transfer movement happened to have doubled the hacker’s account balance.
As per the available information, most of the funds that have been siphoned off have been deposited in Tornado Cash. However, there happens to be a balanced amount of $1 million of ETH lying in the Ethereum address. In the case of the hacker, his account was supposedly funded by a Binance-labelled wallet.
According to the opinion of the CEO of Orion, Alexey Koloskov, he happens to be entirely sure of his team and his company’s protocol code. In his viewpoint, however, there is a possibility that the theft may have taken place because of a soft point in combining third-party libraries in one of their smart contracts, which were being utilized by their experimental and private brokers.
Furthermore, he firmly believes in the fact that all issues related to safety and security should be on top of every other consideration. They will now produce all the contracts in-house to avoid supposed dangers from third parties.
Therefore, now their entire focus will be on eliminating all security-related risk factors and helping to make the Orion Protocol much healthier. There is the general feeling that they will be taking further assistance, in terms of overall security, from Sirius-ly.