Orion was the victim of a reentrancy attack (in which an attacker repeatedly withdraws funds from a smart contract), PeckShield said in a Twitter message. Gal Sagie, CEO of cybersecurity company Hypernative, said the attacker deployed a fake token called ATK which was used to manipulate the orion pools. It utilized a self-destructing smart contract.