Origin DeFi Protocol Loses $7 Million to Hacker in Security Breach

Origin Protocol, a decentralized finance (DeFi) project, has announced that its Origin Dollar (OUSD) stablecoin has been hacked, resulting in a loss of funds worth $7 million in combined Ethereum and DAI stablecoin cryptocurrency, including $1 million deposited by the company's employees and founders.

On the company's official blog, Matthew Liu, the founder of Origin Protocol, confirmed the incident and said that the cause of the attack was a flash-loan transaction. The attacker used a flash loan and exploited vulnerabilities within the OUSD contracts to carry out what is called a “reentrancy attack”, which led to the loss of funds.

The blog said:

“The attack was a reentrancy bug in our contract. The attacker exploited a missing validation check in mint multiple to pass in a fake “stablecoin” under their control, allowing the hacker to exploit the contract with a reentrancy attack in the middle of the mint.”
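
The class of bug the blog describes, as an added Python toy model (not Origin's contract code and not part of the original article): a multi-asset mint that skips the supported-asset check hands control to token code in the middle of the mint. `Vault`, `CallbackToken` and `probe` are hypothetical names, the amounts are constructed, and the hardened build adds an allowlist check plus a reentrancy lock.

```python
# Toy model with constructed values; not Origin's contract code.
class UnsupportedAsset(Exception): pass
class Reentrancy(Exception): pass

class Token:
    """Well-behaved asset: a transfer simply delivers value to the vault."""
    def __init__(self, name): self.name = name
    def transfer_from(self, sender, vault, amount):
        vault.held[self.name] = vault.held.get(self.name, 0) + amount

class CallbackToken(Token):
    """Test double for an untrusted asset: delivers nothing, calls back mid-transfer."""
    def transfer_from(self, sender, vault, amount):
        vault.mint_multiple(sender, [])  # probe: can the vault be re-entered?

class Vault:
    def __init__(self, supported, hardened):
        self.supported, self.hardened = set(supported), hardened
        self.held, self.shares = {}, {}      # asset -> amount, account -> shares
        self.entered, self.reentries = False, 0
    def backing(self):                       # only supported assets back the shares
        return sum(v for k, v in self.held.items() if k in self.supported)
    def supply(self): return sum(self.shares.values())
    def mint_multiple(self, account, deposits):
        if self.entered:
            if self.hardened:
                raise Reentrancy("mint_multiple re-entered")
            self.reentries += 1              # weak build lets the nested call run
        if self.hardened:                    # validate every asset before any external call
            for token, _ in deposits:
                if token.name not in self.supported:
                    raise UnsupportedAsset(token.name)
        was_entered, self.entered = self.entered, True
        try:
            for token, amount in deposits:
                token.transfer_from(account, self, amount)  # external call into token code
            minted = sum(amount for _, amount in deposits)  # shares credited only afterwards
            self.shares[account] = self.shares.get(account, 0) + minted
        finally:
            self.entered = was_entered

def probe(hardened):
    """Return (outcome, nested calls seen, shares issued without backing)."""
    vault = Vault({"DAI", "USDC", "USDT"}, hardened)
    try:
        vault.mint_multiple("tester", [(Token("USDT"), 1000), (CallbackToken("FAKE"), 1000)])
        outcome = "minted"
    except (UnsupportedAsset, Reentrancy) as exc:
        outcome = type(exc).__name__
    return outcome, vault.reentries, vault.supply() - vault.backing()
```

`probe(False)` returns `("minted", 1, 1000)`: one nested call ran mid-mint and 1000 shares have no backing, while `probe(True)` returns `("UnsupportedAsset", 0, 0)` because the unknown asset is rejected before any token code runs.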

Origin Protocol said that they have traced the funds and know that the hacker used both renBTC and Tornado Cash (mixers) to wash and move the funds.

The company stated that it is taking exhaustive measures to recover the stolen funds before holding a discussion about a compensation plan for the affected customers. The firm has advised people not to buy OUSD on SushiSwap or Uniswap as those prices do not reflect the token’s underlying assets. Furthermore, the company has left a message requesting the hacker to return the funds and promised not to take legal action against the attacker if he or she returns 100% of the funds.

Lastly, the company has expressed sincere gratitude to the crypto community, as it has received an outpouring of assistance from the community's security experts, DeFi engineers, investors, and others in such trying times.

Flash Loan Attacks Adversely Affecting DeFi Sector

In September this year, Origin Protocol launched the OUSD stablecoin, which is backed by deposits of DAI, USDC, and USDT and is designed to serve as a savings account. The OUSD stablecoin enables users to passively earn competitive returns while holding funds in their Origin Dollar (OUSD) wallets.

Origin Protocol is the latest to suffer from flash loan attacks, which have become common in the DeFi sector. Flash loans are an emerging service within the DeFi landscape that allows users to instantly borrow funds without needing to put up collateral. However, criminals try to use the borrowed funds to manipulate the DeFi market, a tactic commonly identified as a flash loan attack.

Typically, flash loan attacks happen when malicious actors borrow funds from decentralized finance platforms (like Origin Protocol) but exploit vulnerabilities within the platform code to escape the loan mechanism and get away with the funds. DeFi platforms that have experienced massive hacks and loss of funds include the Harvest Finance DeFi protocol, the Value DeFi platform, and others.

WOOFi Exploited on Arbitrum, Swift Response Contains Threat

On March 6, 2024, decentralized exchange WOOFi identified an exploit on its platform on the Arbitrum network. The attacker utilized flash loans to manipulate the price of the WOO token, allowing them to repay the loans at a cheaper rate. The exploit resulted in a loss of approximately $8.5 million.

WOOFi’s swift response contained the threat within 13 minutes of detection. The platform, in collaboration with close partners, paused the respective contracts at 16:02 UTC and began an investigation. All other WOO contracts were marked as safe, and the impact was limited, with no risk to user assets in Earn vaults, WOOFi stake, or other WOO contracts.

The WOOFi team has initiated efforts to retrieve the lost funds, offering a 10% whitehat bounty to the exploiter. Additionally, a bounty has been placed on Arkham Intelligence for anyone who can provide further information about the incident.

WOOFi aims to have its Swap function fully operational within two weeks, following contract updates and additional audits. Meanwhile, WOOFi Pro, Stake, and Earn remain unaffected and fully operational. Depositors can withdraw their funds as usual if desired.

The platform expressed gratitude to its close friends and partners who quickly supported them during the incident, specifically mentioning the alliance of SEAL Organization, including storming0x, pcaversaccio, gbvpzffd2r, 0xVazi, invlpgtbl, tonyke_bot, FrankResearcher, as well as aiham_eth and chainalysis.

As a precautionary measure, WOOFi urges all users to revoke token approvals to prevent potential loss of funds while the investigation continues. The platform recommends reviewing approvals immediately and provides a link to revoke approvals on over 70 networks.

This incident marks the first time WOOFi has experienced such an exploit, and the team is determined to prevent similar occurrences in the future. Users are advised to stay alert and cautious of malicious actors attempting to impersonate WOOFi during this time. No immediate action is required from users, aside from reviewing token approvals.
