Stablecoin project Origin Dollar (OUSD) was attacked on Monday and lost $7M as a result.
The sum involved user funds, as well as $1 million worth of deposits by Origin founders and employees. The attacker managed to find a reentrancy bug in smart contracts. He exploited the Origin Protocol's Origin Dollar (OUSD) crypt and withdrew most of its stable coins.OUSD is Origin's native stablecoin, backed by three other tokens: Tether (USDT), Circle and Coinbase's USDC, and MakerDAO's DAI. It is designed to act like a savings account. The exploit resulted in the attacker gaining at least 7,137 ETH (worth about $3.3 million) and 2.25 million DAI (worth about $2.25 million). The price of the project’s native token is down 85% since the attack.
The analysis found that a flash loan was used to initiate what is known as a “rebase".
Trending: Smart Contracts Audits Startup Hexens Closed $4.2 M Seed Funding
The attack artificially increased the supply of OUSD tokens within the protocol before swapping the newly printed tokens on SushiSwap and Uniswap for USDT. Origin is currently analyzing the attack in detail and is expected to post more updates soon. Users were recommended not to buy OUSD on Uniswap or SushiSwap as the current rates don't follow the stablecoin's underlying assets.