Binance CEO, Changpeng Zhao, said that no Binance users or assets were affected by the Orion Protocol (ORN) $3 million hack.
Changpeng Zhao tweeted that the Orion Protocol (ORN) hack was due to a lack of re-login protection and led to the loss of approximately $3M.
However, all Binance users and assets were safe from the hack. He further said that the Binance security team monitors the hackers’ addresses.
The tweet attracted a response from Surge DeFi, sympathizing with those who incurred losses in the incident and reinstating their commitment to promoting decentralized finance (DeFi) to avoid such incidents in the past. DeFi aims to increase the safety of crypto investors by investing in less centralized protocols.
Changpeng Zhao responded to an earlier news release by PeckShield regarding the 2nd Feb 2023 Orion Protocol (ORN) hack.
The incident momentarily crippled operations at Orion Protocol as the hacker drained crypto worth a couple of million dollars. The Peckshield cybersecurity firm identified the hack, developed a full report from their observation, and sent it to Orion Protocol before making a public announcement on Twitter.
The hacker launched a reentrancy attack on Orion and withdrew funds from a smart contract severally. Peckshiled announced that they paused the protocol by the announcement time.
The company assured Orion users that the security team had positively identified the root cause and was fixing the bug.
CEO of cybersecurity company Hypernative, Gal Sagie, said that the hacker deployed an adding Attack Wagon (ATK) token that uses self-destructing smart contracts to manipulate the Orion pools.
The cumulative worth of the losses
On-chain detectives estimated the losses from the incident at an average of $2.8 million on Orion’s Ethereum implementation and $200,000 on its BSC implementation. However, the attacker’s wallet started passing the siphoned ether tokens through a privacy mixer Tornado Cash shortly after the event.
However, Alexey Koloskov, the Orion Protocol CEO, conflicted the reports by tweeting that “all funds are safe and secure” hours after the attack.
The CEO also expressed the company’s confidence in its core protocol code. He said that the compromise might result from the vulnerability of mixing third-party libraries used by Orion private and experimental brokers in one of the company’s smart contracts.
The price of ORN, Orion Protocol native token, went up by approximately 14% to $1.03 in the last 24 hours after the attack.