Cryptocurrency Bridge Hacked: $86 Million Stolen from Orbit Chain
Lazarus, a North Korean State-Sponsored Threat Actor, Suspected in the Attack
In a recent incident highlighting the ongoing vulnerability of cryptocurrency bridges, hackers have drained $86 million from the Orbit Chain platform. The attack, which took place on December 31, 2023, involved the exploitation of a vulnerability within the system. While investigations are still underway, experts believe that Lazarus, a notorious North Korean state-sponsored threat actor, may be behind the breach. This incident raises concerns about the security of cryptocurrency bridges and the need for robust measures to protect users’ funds.
A Bug in the System?
The exact details of how the hackers breached the Orbit Chain platform remain unknown. However, it is suspected that the project itself may have had flaws that were exploited. Similar incidents in the past have revealed vulnerabilities in cryptocurrency bridges, highlighting the need for heightened security measures.
Lazarus Strikes Again
Lazarus, the threat actor believed to be responsible for the attack, has a history of targeting cryptocurrency businesses and bridges. Previous breaches by Lazarus include Belt Finance and KlaySwap, both of which, like Orbit Chain, are part of the Ozys project. The involvement of Lazarus in this attack suggests a pattern of targeting vulnerable cryptocurrency platforms.
Cooperation with Law Enforcement
Orbit Chain is working closely with the Korean National Police Agency and the Korean Internet and Security Agency (KISA) to investigate the breach and track down the stolen tokens. The project has developed a system for investigation support and cause analysis in collaboration with these agencies. Additionally, discussions are underway to establish cooperation with domestic and foreign law enforcement agencies to tackle the issue comprehensively.
Secondary Attacks on Victims
Adding to the victims’ woes, other hackers have exploited the situation by using verified X accounts to promote phishing sites. These sites impersonate refund portals and trick users into connecting their wallets, after which the attackers drain their funds. This secondary attack underscores the need for heightened vigilance and awareness among cryptocurrency users.
Conclusion
The recent attack on the Orbit Chain platform, resulting in the theft of $86 million, highlights the ongoing vulnerability of cryptocurrency bridges. The suspected involvement of Lazarus, a North Korean state-sponsored threat actor, further underscores the need for robust security measures. As investigations continue, it is crucial for cryptocurrency platforms to prioritize the identification and mitigation of vulnerabilities to protect users’ funds. Additionally, users must remain vigilant and cautious to avoid falling victim to secondary attacks. The incident serves as a reminder of the evolving threats faced by the cryptocurrency industry and the importance of proactive measures to safeguard against them.