February 21, 2024
Cross-Chain Bridge Exploit Costs Orbit Chain $81 Million

Hackers took advantage of a cross-chain bridge on Orbit Chain, a platform that connects and transacts with multiple blockchains, and they lost $81 million as a result.

In a post on X, the project verified the hack, stating that before targeting Orbit Chain’s Ethereum (ETH) vault, a hacker funded a wallet using the approved privacy protocol Tornado Cash. The hack’s proceeds were subsequently transferred to multiple Ethereum wallets. Approximately $18 million worth of the dai (DAI) stablecoin and 26,741.6 ETH ($64 million) are presently held in these wallets.

An Orbit Chain security breach has cost the company $86 million in cryptocurrency, mostly in Ether, Dai, Tether, and USD Coin.

Orbit Chain is a blockchain platform that facilitates interoperability between different blockchains, decentralized applications (DApps), and services by acting as a multi-asset hub.

Investors use the platform more as a blockchain infrastructure project to support the larger ecosystem than as a means of directly purchasing goods or services.

The first illicit transaction of a string of drain attacks, executed by anonymous hackers and involving various asset kinds, happened on December 31, 2023, at 9:07:59 PM UTC.

Orbit Chain’s balance abruptly dropped from $115 million to $29 million, according to blockchain intelligence platform Arkham. This indicates that the losses are estimated to have been around $86,000,000.

Currently unknown is the nature of the exploit that the hackers used to carry out the attack.

The attackers bear the hallmarks of highly skilled state-sponsored attackers, presumably based in North Korea, even though their identity and country of origin are unknown.

The Korean National Police Agency and the Korea Internet and Security Agency (KISA), which are experts in North Korean (DPRK) threats, are partners with Orbit Chain.

Throughout 2023, DPRK hacking groups such as Lazarus have been linked to multiple cryptocurrency-related cyberattacks. The stolen cryptocurrency amounts are believed to be a way for the country to get around international sanctions and fund its weapons development program as well as its cyber operations.

The fact that Belt Finance and KlaySwap, two other Ozys projects that were previously hacked—likely by skilled state-sponsored actors using Border Gateway Protocol (BGP) hijacking—is another point raised by blockchain experts regarding Orbit Bridge.

Many international partners are assisting in the tracking of the funds that were stolen in the most recent Orbit Chain hack, and significant efforts are being made to freeze the stolen assets.

Additionally, Orbit Chain is alerting users to the fact that con artists are tricking people into connecting their wallets by promoting phishing websites that pose as refund portals using verified X accounts.

Malicious scripts, however, will remove all assets and NFTs from a wallet as soon as it is connected.

Threat monitoring service for blockchain According to Scam Sniffer, wallet drainers defrauded over 320k victims of $295 million in 2023; the most well-known cases were those of MS Drainer and Inferno Drainer.

About $100 million in cryptocurrency could be stolen from Orbit Chain

The amount of cryptocurrency stolen in December 2023 has increased to nearly $100 million thanks to information obtained from blockchain security companies and an attack on Orbit Chain’s cross-chain bridge.

In December, there were over 36 attacks by PeckShieldAlert hackers who stole $99.3 million. In the past three years, the Cross-chain #OrbitBridge has been the target of nine major hacks totaling $81.5 million, according to a PeckShieldAlert tweet. The exploit occurred on New Year’s Eve.

It is estimated that this exploit ranks as the ninth-biggest hack in the last three years that targets a cross-chain bridge.

Orbit Chain stated, “We are working hard to track down and freeze the assets that have been stolen. We are in close contact with law enforcement agencies.”

Leave a Reply

Your email address will not be published. Required fields are marked *