Orbit Chain has turn into the newest cross-chain bridge to undergo a hefty exploit, with the protocol shedding greater than $81M price of belongings on Dec. 31.
Orbit introduced the hack through a tweet on Jan. 1. The group stated it’s finishing up an investigation into an incident and that it has engaged “worldwide regulation enforcement businesses.” Orbit additionally warned that opportunistic scammers have launched web sites fraudulently purporting to supply refunds to affected customers.
Spot On Chain, an on-chain analytics agency, tweeted that the perpetrator behind the exploit consolidated the bulk into ETH, swapping 30M USDT and 230.9 WBTC into 17,250 ETH. The hacker’s wallets now maintain 26,777 ETH ($64M), almost $20M price of DAI, 15.85M price of USDT, and $3.92 price of USDC.
Tay Vano, a well-liked on-chain analyst, speculated that the hack could have been perpetrated by North Korean state-backed hackers. “Seems like 2024 goes to be one other 12 months of handing [North Korea] billions of {dollars} on a silver platter,” they tweeted.
Vano famous that Orbit Bridge was created by Ozys, the South Korean group behind the Klaytn Layer 1 community, KlaySwap decentralized Trade, and Belt Finance stablecoin change.
Belt Finance suffered a $6M hack in Might 2021, whereas $2M was stolen from KlaySwap in February 2022. Immunefi, a web3 bug bounty platform, additionally disclosed an extra Belt Finance vulnerability that positioned $60M price of belongings in danger in October 2021. The incidents point out a poor monitor document for safety on the a part of Ozys’s builders.
Cross-chain bridges supply honeypots to hackers
Cross-chain bridges have emerged as an attractive goal for hackers, with 4 of the 5 largest DeFi exploits ransacking bridges for greater than $2B, in accordance with Rekt.
Lazarus, North Korea’s state-backed hacking group, has since been implicated within the two largest bridge exploits — with Lazarus making off with $624M from Axie Infinity’s Ronin bridge and $611M from the Poly Community bridge. North Korean hackers have been additionally linked to the $100M Concord bridge exploit.
Wall Road Journal estimated North Korea hackers had stolen $3B price of crypto belongings over time as of June 2023, with Immunefi approximating $1.9B was pilfered from 2021 by means of 2023. Immunefi additionally stated Lazarus was answerable for 17.6% price of cryptocurrencies stolen in 2023, taking in additional than $300M.
