- The hacker created a fake token and deposited it artificially to manipulate a flash-loaned stablecoin exchange
- Attack happened because of a weakness in mixing third-party libraries
The hacker who stole ether worth $3 million from the Orion Protocol wants to give the money back, Crypto News wrote, reposting a screenshot originally posted by blockchain sleuth PeckShield. The tweet shows the attacker’s address and a statement that he is ready to give a refund. The attacker asked for a wallet address, most likely to deposit the stolen funds.
The hacker’s change of heart remains a mystery. Moreover, it’s unclear whether he’ll return all the money or only some of it.
Flash loan was used to perpetrate attack
The hacker created ATK, a fake token, and deposited it artificially to manipulate a flash-loaned stablecoin exchange. The balance rapidly gained value and had reached $3 million when the attacker withdrew it.
A blockchain analysis estimated that Orion lost $2.8 million on its Ethereum implementation and $200,000 on its Binance Smart Chain one. The attacker ran the stolen ether through Tornado Cash shortly after the incident.
No Orion users lost funds
Orion CEO Alexey Koloskov assured users via Twitter that the protocol’s code wasn’t to blame for the exploit. He explained that it happened because of a weakness in mixing third-party libraries. This occurred in a smart contract belonging to one of Orion’s private brokers.
According to Koloskov, only this broker’s account bore the consequences of the attack. No customer funds were lost.
To avoid similar events in the future, Orion Protocol has decided to stop using external developers for its smart contracts. The broker, who hasn’t been identified, should be relieved by the news that the attacker wants to return the money.
The latest DeFi attack
The Orion attack is the latest in a series of highly publicized DeFi exploits that have taken place this year. LendHub lost $6 million in an exploit on Jan. 12, and Midas Capital and Thoreum Finance were targeted as well.