• The attacker of the Orion Protocol has had a change of heart and is reportedly willing to return the stolen funds.
• Blockchain security and data analytics company Peckshield Inc. tweeted a screenshot of the Orion Protocol exploiter’s address, in which the attacker wrote they were ready to refund the money.
• The hacker used a re-entrancy attack to steal funds, but Orion Protocol CEO Alexey Koloskov assured users that their funds were safe.
Exploiter Willing to Return Stolen Funds from Orion Protocol
Hacker Used Re-Entrancy Attack
The attacker recently made off with $3m worth of Ethereum (ETH) from the Orion Protocol by creating a fake token called ATK and then manipulating flash-loaned stablecoin swaps while artificially depositing the fake ATK token. The attacker then withdrew the inflated balance, amounting to $3m. An on-chain analysis estimated losses at $2.8m for Orion’s ETH implementation and $200,000 for its Binance Smart Chain (BSC) implementation.
Exploiter Changes Mind, Wants To Return Funds
The hacker has yet to give a reason for wanting to return all or part of their stolen funds, but Blockchain security and data analytics company Peckshield Inc tweeted a screenshot of the Orion Protocol exploiter’s address, in which they wrote they are ready to refund any money taken. Shortly after this announcement, an exploiter-identified wallet passed ETH tokens through sanctioned privacy mixer Tornado Cash.
Orion CEO Assures Users Their Funds Are Safe
Orion Protocol CEO Alexey Koloskov took to Twitter following the attack in order to assure users that their funds were still safe as it was not caused by any flaws within their core coding system but instead due to vulnerability within one of their experimental brokers’ smart contracts when mixing third party libraries together.
Conclusion
The exploiters have yet given no reason behind why they have decided now wish to return stolen funds nor if these will be returned in full or partials amounts; however this news comes as great relief for users who are glad that their funds remain secure despite this attack on one of Orion’s experimental brokers’ smart contracts when mixing third party libraries together