Ethereum-based Origin Puts $1 Million Bounty on OUSD Hacker

In brief

  • OUSD, a stablecoin issued by Origin Protocol, was hacked to the tune of $7 million earlier this week.
  • Now, the company is putting up a $1 million reward (that’s USD, not OUSD) for whoever can bring the hacker(s) to justice.
  • The price per OUSD, which should be $1.00, is down to just 14 cents.

The Ethereum-based stablecoin OUSD was hacked earlier this week, resulting in a “loss of funds of around $7M,” according to a blog post from the coin’s issuer, Origin Protocol.

Now, the company is offering a reward for anyone who can identify the attackers. “We are offering a bounty of $1,000,000 USD to anyone that supplies substantial information or evidence leading to the return of customer funds,” wrote Origin Protocol co-founder Josh Fraser in an update to the company’s original post.

The update goes on to speak directly to the hackers, suggesting that they can keep Origin’s portion of the money (about $1 million) and avoid legal action if they return the $6 million or so that belonged to public investors. “Remember that you are taking from those that have less,” reads the post. “If you examine the wallet addresses that held OUSD, you will realize that many of our users are not degens or whales… Keep Origin’s funds, but don’t punish our users, many of whom were new to crypto.”

Kay Yoo, who heads up Business Operations and Strategy at Origin, elaborated over email. “We do not care if the hacker returns company funds or the personal investments of our founders,” she told Decrypt. “Our highest priority right now is to recover customer funds.”

According to the company, the attacker used a flash loan to kickstart the hack, and eventually laundered the stolen funds through a mixer service called Tornando.cash, as well as Wrapped Bitcoin (WBTC) and renBTC, which are Bitcoin stand-ins on the Ethereum blockchain.

Money laundering appears to be a pretty common use case for mixing services, which scramble ordinary transactions on the blockchain in such a way as to make them essentially untraceable. It’s a handy service if you care about privacy, but also if you’re trying to do illegal things with digital money.

The people who hacked Twitter this past summer used a mixer called Wasabi Wallet to accomplish the same thing. A representative for Wasabi told Decrypt earlier this month that while the service can be used to commit crimes, it is “not intended for criminals to launder money.” So, kind of like uTorrent.

The price per OUSD, which is generally supposed to sit at around $1, dropped to just $.54 in the wake of the attack, and is now just $.14. Trading volume has been at $0 since Tuesday, when Origin appended an update to its blog post telling users to stop buying and selling OUSD.