Another top blockchain deal provider has been hacked, with millions in crypto stolen
Cryptocurrency bridges remain a prime target for hackers, and yet another has lost a significant amount of money.
In the late evening of December 31, 2023, a threat actor reportedly exploited a vulnerability in the Orbit Chain platform to steal a total of $86 million.
The money was siphoned off “almost immediately”, with the hackers stealing several cryptocurrencies such as Ether, Dai, Tether and USD Coin.
A bug in the system?
The investigation is currently ongoing and there are many unknown factors, but media reports say Lazarus is the most likely perpetrator.
Lazarus is a notorious North Korean state-sponsored threat actor that has been targeting cryptocurrency companies and bridges for years. In fact, BleepingComputer recalls that it was Lazarus who previously breached Belt Finance and KlaySwap – both of which are part of the Ozys project along with – you guessed it – Orbit Chain.
It remains unclear how exactly the hackers managed to breach the bridge, but it is likely that the project was flawed. Many of the bridges hacked over the years were later found to be imperfect.
In the meantime, Orbit Chain said it is working with local law enforcement (Korean National Police Agency), as well as the Korean Internet and Security Agency (KISA), which apparently specializes in North Korean threats. The idea is to try to identify where the tokens ended up and freeze them.
“The Orbit Chain team, together with the Korean National Police and KISA (Korea Internet & Security Agency), has developed a system for investigation support and root cause analysis, enabling a more proactive and comprehensive investigative approach,” the project announced in a post. “We also discuss close cooperation with domestic and foreign law enforcement agencies.”
To make matters worse, other hackers began preying on victims, using verified X accounts to promote phishing sites. These sites pose as refund portals and trick people into connecting their wallets, which are then emptied as well.