Onyx Protocol fell victim to a security breach resulting in the loss of nearly $2.1 million in Ethereum (ETH) due to a flash loan exploit.
The perpetrator of the Onyx Protocol exploit managed to accumulate 1,164 ETH, equivalent to almost $2.1 million.
Their strategy involved initially making a small donation in the oPEPE market, which served as a ruse to access larger loans from more liquid financial markets.
These loans relied on the donated funds as collateral and once secured, the attacker exploited a rounding issue to turn a profit.
A similar vulnerability was exploited against Hundred Finance in April of the previous year, leading to losses of nearly $7 million.
The lack of funds in the oPEPE market, which had only been operational for five days, made it easier for the attackers to execute their plan.
Specifically, the attacker borrowed $4,000 in ETH through a flash loan via the open-source liquidity protocol Aave and subsequently converted it before exploiting the oPEPE smart contract on Onyx.
The Onyx Protocol Community, led by Alex, confirmed the security breach and has since patched the vulnerability. Alex took to Twitter to address the issue and promised forthcoming updates to enhance security.