YEREVAN (CoinChapter.com) – Liquidity aggregate Orion Protocol (ORN) was hacked on Feb 2. According to estimations, over $3 million was taken from the platform due to the “vulnerability in its trading pool.” Here are additional details:
Late on Feb 2, a Twitter user under the pseudonym @spreekaway reported the problem among others. They estimated that $2.76 million evaporated from the mainnet while approximately $200,000 was gone from Binance Smart Chain (BSC).
The Binance team was “immediately notified” of the hack, after which the CEO Changpeng Zhao (CZ) tweeted that no Binance users or assets were affected.
According to findings from crypto security firm Peckshield Inc., the Orion protocol was hacked due to a re-login issue in its core contract.
The hack is made possible due to incomplete reentrancy protection: swapThroughOrionPool func allows user-provided swap path w/ crafted tokens whose transfer can be hijacked into re-entering depositAsset func to increase user balance accounting w/o actually costing funds!
commented the firm in a Feb 3 Twitter thread.
Allegedly, within minutes of the first hack, another attack occurred targeting the “Orion Finance” pool on the Ethereum scaling solution Arbitrum. Moreover, auditor Marco Paladin issued a warning on his Twitter page BEFORE the rug-pull on Arbitrum, but the presale filled fully in 10 min.
Be careful with interacting with ohm fork “Orion Finance” on @arbitrum presale in 30 minutes. The on-chain contract 0xe1cd602a4ad658f2e0bba76b2c1f3b325840e279 appears to be deployed by serial ruggers.
warned Paladin on Feb 1.
“I’ve got no idea whether this contract is deployed by Orion themselves or not,” said the expert. “BE CAREFUL,” he added and clarified his concerns in the thread that followed. However, despite the warning, $320,000 went to culprit addresses within minutes.
Next time try to weigh your chances before aping. Degeneracy is an inherently net negative. As soon as there’s a likelihood that the team acts maliciously, it’s often not worth it. Stay safe out there, I hope my followers were at least saved from this one, as it got so much hype.
read the latest tweet on Feb 2.
Also read: Emergence of a new crypto scam: What is Address Poisoning?
Bitcoin (BTC) layer 2 solutions have emerged as key players, showcasing impressive performance after the…
Normies might have been expecting prices to fly after the Bitcoin (BTC) halving event. However,…
In a recent conversation chain, crypto analysts deciphered the reason behind the pullbacks that come…
Litecoin price is giving mixed signals to traders, with bullish on-chain indicators and market sentiment…
NEAR Protocol Skyrocketed 35% This Week NAIROBI (Coinchapter.com) - The NEAR Protocol skyrocketed a remarkable…
Another Bank Failure in the U.S. NAIROBI (Coinchapter.com) - The United States banking industry faced…