February 2023 started with the Orion Protocol cyberattack. The Orion Protocol is a DeFi platform that acts as a liquidity aggregator for centralized and decentralized exchanges. The platform was hacked due to a re-entrancy vulnerability in the protocol’s smart contract, and attackers stole approximately $3 million.
Re-entrancy Vulnerability with Protocol’s Smart Contract Led to Cyberattack
In the Orion Protocol hack, the hacker exploited the re-entrancy vulnerability within the smart contract of the protocol. This loophole exists when a smart contract does not follow the check-effects-interaction design pattern. Or in other words, this vulnerability happens in a smart contract when an attacker repeatedly calls a function and extracts assets from it before the contract updates its internal state.
In this attack, the hacker created an infectious contract defining a fake ATK token to manipulate the Orion pools. He deposited 0.5 USDC and took out a flash loan of 284700 USDT. After this, he swapped from USDC via ATK to USDT. The chains of swaps involved a call to the token transfer in the infected contract, so he successfully exploited the re-entrancy vulnerability to increase the balance in the contract. Resultantly, he legitimately withdrew about $3 million of stolen money.
Smart Contract Audit Can Protect from Re-entrancy Attacks
Re-entrancy is the most common cause of smart contract hacks. DeFi projects usually include protection against re-entrancy attacks, but a potential loophole was overlooked in Orion.
However, re-entrancy vulnerability can be identified by the smart contract audit and bug bounty programs.
Protect your project from smart contract hacks with smart contract audits. To learn more about protection against cyberattacks, contact our smart contract security experts at [email protected].