Blockchain -based e-commerce platform, Origin Protocol confirmed that its Stablecoin , Origin Dollar (OUSD) has been hacked for around $7 million in Ethereum and DAI. The company launched OUSD in September this year.
In an official post, the founder of Origin Protocol, Mathew Lui said that out of $7 million hacked stablecoin, around $1 million were deposited by the company founders and employees. The company added that a flash-loan transaction was the main reason for the attack.
The blogpost cites that the attacker used Tornado cash and renBTC to wash and move the funds. Origin also accepted a reentrancy bug in the contract as the attacker exploited a missing validation check to pass a fake stablecoin.
“In the last few hours, we have made progress understanding the attack and tracking the flow of funds from the OUSD vault to the attackers’ wallets. We will be taking exhaustive measures in the next few days in an attempt to recover lost user funds before discussing a compensation plan for affected OUSD holders. As a reminder, please do not buy OUSD on Uniswap or Sushiswap as the current prices do not reflect OUSD’s underlying assets,” the announcement added.
Message for Hacker
The company also left a message for the hacker to return the funds and expressed gratitude to the blockchain community. “We ask the hacker to do the right thing and return the funds. You’ve demonstrated your superior skills as a hacker, and we’d happily hire you as a security consultant. If you return 100% of the funds, we promise not to pursue you or any legal action against you. We humbly ask you to consider the hundreds of innocent people you are hurting and return the funds.”
The value of the stablecoin dropped significantly in the market. The founder dismissed rumors regarding an internal scam or a rug pull and said that the company is not going anywhere due to this hack.