Orbit Chain, a platform that transacts with various blockchains, lost $82 million after hackers exploited the platform’s cross-chain bridge in the last few hours of 2023. Per recent reports, the hacker group has finally moved $48 million worth of stolen assets to the Tornado Cash mixer. According to blockchain analytics firm Arkham Intelligence, the Orbit Chain perpetrators are back online after months of silence, having stolen over $100 million in ETH and DAI from Orbit Chain 5 months ago. Although Orbit Chain used multisig wallets to secure its assets, the attackers generated transactions in ETH, USDT, DAI, USDC and WBTC during the exploit.
The ongoing update from Arkham revealed that the exploiter moved a total of 12,932 Ether (ETH) worth $48 million in two days through 7 transactions. Etherscan data showed that the ETH was sent through Tornado Cash in batches of 100 ETH per transaction. The cybercriminals drained millions in various assets on the last day of 2023, with suspected compromised private keys leading to the attack. One theory, noted by an ETH security community, is that the attack could be a validator code exploit, as the protocol used multisig wallets to secure its assets.
Following the hack, speculation arose that the attack might have been performed by the North Korean Lazarus Group, with blockchain analysts from Match Systems noting similar tactics to other high-profile attacks by the group. MetaMask developer Taylor Monahan also agreed that the Orbit attack follows similar patterns to hacks carried out by Lazarus Group. Per Arkham’s estimates, the hackers still hold over $66 million in ETH and over $20 million in DAI and USDT. The ongoing update from Arkham noted that the Orbit Chain Exploiter moved 8,671 ETH ($32 million) to a new address and is currently in the process of depositing it to Tornado Cash.
Despite the devastating hack, the exact method used by the cybercriminals to exploit the platform’s cross-chain bridge and compromise millions in assets remains unknown. The hacker group’s recent activity after months of silence indicates ongoing efforts to move the stolen assets through various means of exchange. Arkham Intelligence continues to track the movement of stolen assets, providing updates on the situation as it unfolds. The Orbit Chain exploit serves as a reminder of the vulnerabilities present in blockchain platforms and the importance of robust security measures to protect user assets from malicious actors.

— Arkham (@ArkhamIntel) June 8, 2024

In a statement on Twitter, Arkham Intelligence provided details on the ongoing activity of the Orbit Chain Exploiter, highlighting the movement of stolen assets and the current status of the situation. The firm’s efforts to track and monitor the movement of stolen assets provide valuable insights into the methods used by cybercriminals to exploit vulnerabilities in blockchain platforms. As the situation continues to unfold, organizations and individuals in the blockchain space must remain vigilant and implement stringent security measures to protect against potential threats.
The Orbit Chain hack serves as a cautionary tale for the blockchain industry, highlighting the challenges and risks associated with securing digital assets in a decentralized ecosystem. The exploit underscores the importance of robust security protocols, multisig wallets, and proactive measures to prevent unauthorized access and malicious activities. As the blockchain space continues to evolve and expand, the need for enhanced security measures and proactive threat detection mechanisms becomes increasingly critical. By learning from the lessons of the Orbit Chain hack and other similar incidents, stakeholders in the blockchain industry can strengthen their security posture and safeguard against potential threats in the future.