Orion Protocol Loses $3M of Crypto in Trading Pool Exploit

Crypto trading venue Orion Protocol was set to pause operations Thursday after an apparent attacker drained millions of dollars worth of cryptocurrency, according to cybersecurity firm Peckshield.

Orion was the victim of a reentrancy attack (in which an attacker repeatedly withdraws funds from a smart contract), PeckShield said in a Twitter message. Gal Sagie, CEO of cybersecurity company Hypernative, said the attacker deployed a fake token called ATK which was used to manipulate the orion pools. It utilized a self-destructing smart contract.

“The protocol is being paused as we speak,” Peckshield said in a Twitter message. The firm said it is assisting Orion.

"The root cause is now confirmed w/ the team and they are fixing the bug now."

Initial estimates from on-chain sleuths placed the losses at $2.8 million on Orion’s Ethereum implementation and $200,000 on its BSC implementation. A wallet identified as the attacker’s began passing ether tokens through privacy mixer Tornado Cash shortly after the event.

In Orion’s Telegram channel, Chief Marketing officer Andrew Kirk told users the protocol was looking into reports of the issue. Kirk declined to immediately comment to CoinDesk.

The price of Orion’s native token ORN is little-changed following the apparent attack, up nearly 14% in the last 24 hours at $1.03.