Orion protocol suffers $3M hack due to third-party vulnerabilities

2023-2-3 16:10

Decentralized exchange platform Orion Protocol has suffered a $3 million hack due to reentrancy issues from third-party libraries.

Orion protocol was designed to enable users to access liquidity pools across centralized and decentralized exchanges right from their non-custodial wallet.

However, an incomplete reentrancy issue caused the protocol to be hijacked by a hacker who stole about $3 million, securities firm Peckshield reported on Jan. 3.

The hacker repeatedly called the “depositAsset” function which exposed the contract to the exploit. It started with initial funding of 0.4BNB from Tornado Cash to Orion, and another 0.4ETH via SimpleSwap.

The hacker moved to withdraw about 1100 ETH via Tornado Cash and locked up some 657 ETH in his wallet address.

Orion Protocol CEO Alexey Koloskov confirmed the hack in a Twitter thread, stating that the hack was caused by a vulnerability in third-party libraries used during Orion’s development.

However, Koloskov claimed that the stolen funds were from Orion’s Treasury, adding that all users’ funds are safe.

“We want to reassure our users that no user experienced any loss during this incident. The assets at risk were in internal broker’s accounts run by ourselves-the Orion team.”

To avert potential vulnerabilities from third-party libraries, Koloskov said that the Orion team will prioritize developing all its contracts in-house.

The post Orion protocol suffers $3M hack due to third-party vulnerabilities appeared first on CryptoSlate.

origin »

Bitcoin price in Telegram @btc_price_every_hour

BlockMason Credit Protocol (BCPT) на Currencies.ru

$ 0 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 0.04 %
Cегодня L: $0 - H: $0
Капитализация $0 Rank 99999
Цена в час новости $ 0.0195725 (-100%)

hack due third-party orion protocol vulnerabilities suffers

hack due → Результатов: 75


Did the $41M Bitcoin Theft Create a Buying Opportunity for Binance Coin (BNB)?

Binance Token (BNB) has taken a significant due to the Binance Bitcoin hack but is the recent pullback an opportunity for buyers? BNB Maybe a Steal as Binance Reels Since topping out at $25. 49 Binance Token (BNB) has pulled back by nearly 27% and the fallout from last week’s Tether – Bitfinex scandal along with Binance’s recent $41 million bitcoin theft are taking their toll on the exchange’s native token.

2019-5-11 01:00


Фото:

Mt. Gox readies to pay back creditors five years after hack

Troubled cryptocurrency exchange Mt. Gox is finally inching closer to settling its debt with creditors, some five years after it was hacked. According to new documents published by Mt. Gox‘s trustee Nobuaki Kobayashi (aka Tokyo Whale, as he’s known in cryptocurrency circles), a decision has been made with regards to creditor’s claims – they’ve been approved or disapproved – and the Tokyo District Court has been notified.

2019-3-21 15:32


Фото:

Security Researchers Reveal Wallet Vulnerabilities On Stage at 35C3

In a demonstration titled “Wallet. fail,” a team of security researchers hacked into the Trezor One, Ledger Blue and Ledger Nano S. Unfortunately, it appears as if their findings were first put on display at the 35th Chaos Communication Congress (35C3) in Leipzig, Germany, rather than through accepted Responsible Disclosure practices, which would have allowed the manufacturers to patch the vulnerabilities and protect their customers from any potential attack.

2019-1-1 19:15


Bitcoin Gold (BTG) Gets Delisted By Bittrex Crypto Exchange Due To $18 Million Hack

Bittrex Exchange Removes Bitcoin Gold From Their Exchange Among cryptocurrency startup companies, the risk of theft, extortion, or major attack is very significant. The cryptocurrency community has always been especially susceptible to crime, because of the prevalence of technology-minded hackers in the markets, as well as the anonymous nature of cryptocurrencies in general. For these […]

2018-9-4 13:37


Фото:

South Korea: Trading Volume Soars as Bithumb Reopens to New Customers

Major South Korean cryptocurrency exchange Bithumb has announced it will resume accepting new user accounts after resolving a dispute with its banking partner. Month-Long Impasse Ends As local news media outlet Yonhap reports August 29, Bithumb has come to an agreement with Nonghyup Bank, which in July stopped serving it, reportedly due to the exchange’s recent hack in which it lost over $30 million.

2018-8-29 16:00