In the closing hours of 2023, Orbit Chain, a platform that operates with multiple blockchains, lost $82 million due to hackers taking advantage of the platform’s cross-chain bridge. Recently, it was reported that the hacker group managed to move $48 million of the stolen funds to Tornado Cash mixer. According to blockchain analytics firm Arkham Intelligence, the hackers were silent for months but have now resurfaced and moved 8671 ETH, valued at $32 million, to a new address with intentions to deposit it into Tornado Cash. The hackers are believed to have stolen over $100 million in ETH and DAI from Orbit Chain, still holding over $66 million in ETH and $20 million in DAI and USDT.
Over a span of two days, the exploiter moved a total of 12,932 Ether, worth $48 million, in seven transactions. The transactions were split into batches of 100 ETH each and sent through Tornado Cash, adding a layer of anonymity to the movement of stolen funds. The attack on Orbit Chain in late 2023 resulted in the loss of millions in assets due to suspected compromised private keys. While the platform had implemented multisig wallets for security, the attackers were able to conduct transactions with ETH, USDT, DAI, USDC, and WBTC. Various theories exist regarding the nature of the attack, with some suggesting a validator code exploit as a possible cause.
Following the hack on Orbit Chain, speculation arose that the notorious North Korean Lazarus Group may have been behind the attack. Match Systems blockchain analysts found similarities between the tactics used in the Orbit Chain hack and those employed in other high-profile attacks attributed to Lazarus Group. Metamask developer Taylor Monahan also pointed out similarities and expressed concern that 2024 could be another year in which billions of dollars are handed over to the DPRK due to cyber attacks. The incident highlights the ongoing risks and challenges faced by platforms operating within the blockchain and cryptocurrency space, as hackers continue to exploit vulnerabilities and target valuable assets.
The response to the Orbit Chain exploit serves as a reminder of the importance of cybersecurity in the blockchain and cryptocurrency industry. With hackers continuously evolving their tactics and targeting valuable assets, platforms must remain vigilant and implement robust security measures to protect against unauthorized access and theft. The involvement of blockchain analytics firms like Arkham Intelligence plays a crucial role in tracking and identifying suspicious activities, enabling faster detection and response to security incidents. Cooperation between industry stakeholders, developers, and security experts is essential in addressing the growing threat of cyber attacks and safeguarding the integrity of blockchain-based platforms.
As the investigation into the Orbit Chain exploit continues, the recovery of stolen funds and the apprehension of the perpetrators remain top priorities for law enforcement and cybersecurity professionals. Efforts to enhance the security of blockchain platforms and educate users on best practices for safeguarding their assets are fundamental in mitigating the risks associated with cyber attacks. The incident underscores the need for continuous monitoring, threat intelligence, and collaboration within the blockchain community to prevent similar attacks in the future and uphold trust and confidence in the integrity of the ecosystem. By learning from past incidents and adapting security measures accordingly, the industry can better protect against emerging threats and uphold the principles of decentralization and transparency that underpin blockchain technology.
