The decentralized finance (DeFi) protocol Orion Protocol has become the latest victim of a cryptocurrency exploit. On February 2nd, Orion suffered a reentrancy exploit that resulted in a loss of around $3 million in ETH.
However, the company’s CEO, Alexey Koloskov, has stated that the damage was limited to an internal broker account and that user funds remain safe.
Over the weekend, blockchain security firm Rekt published a post-mortem of the attack, which was one of the largest DeFi exploits this year in terms of losses.
The attacker used a manipulated swap of flash loaned stablecoins to artificially deposit the assets twice, before withdrawing the inflated balance. This was achieved by creating and using a fake token (ATK).
Orion Protocol is a liquidity aggregator that aims to bring centralized exchange (CEX) liquidity to various blockchain networks. The company’s co-founder has stated that he is happy that no users were affected by the attack.
While the DeFi sector has seen several high-profile exploits this year, including LendHub’s $6 million loss in January, security firm PeckShield has reported that January’s numbers are down compared to the same period last year.
In January 2022, there were $121 million in losses due to exploits, while in January 2023, there were only $8.8 million in losses.
Orion has stated that it has addressed several issues, such as bug fixes and interface changes, following the attack. Rekt has concluded that the $3 million loss has motivated Orion to take a more controlled approach in the future.
Overall, the DeFi sector remains susceptible to exploits and attacks, but it seems that the industry is becoming more resilient as it evolves. It will be interesting to see how Orion and other DeFi protocols continue to address these challenges in the future.
