Cryptocurrency Bridge Hacked: $86 Million Stolen from Orbit Chain Platform

Lazarus, a North Korean State-Sponsored Threat Actor, Likely Behind the Attack

In a recent incident, a cryptocurrency bridge known as the Orbit Chain platform fell victim to a devastating hack, resulting in the theft of $86 million worth of various cryptocurrencies. The attack, which occurred on December 31, 2023, has raised concerns about the security of cryptocurrency bridges and the increasing sophistication of hackers. The investigation is currently underway, with suspicions pointing towards Lazarus, a notorious North Korean state-sponsored threat actor known for targeting cryptocurrency businesses and bridges.

The Vulnerability Exploited:

The exact details of how the hackers breached the Orbit Chain platform remain unknown. However, experts believe that a flaw in the system may have been exploited, allowing the threat actor to siphon off the funds almost instantly. This incident highlights the importance of robust security measures in cryptocurrency projects, as many previously hacked bridges were found to have vulnerabilities.

The Suspected Culprit: Lazarus:

Lazarus, a well-known North Korean state-sponsored threat actor, has a history of targeting cryptocurrency businesses and bridges. In the past, Lazarus successfully breached Belt Finance and KlaySwap, both of which are part of the Ozys project, along with Orbit Chain. This connection has led media outlets to speculate that Lazarus may be responsible for the recent attack. The involvement of Lazarus raises concerns about the growing sophistication and reach of state-sponsored cybercriminals.

Cooperation with Law Enforcement:

Orbit Chain has taken immediate action by cooperating with the Korean National Police Agency and the Korean Internet and Security Agency (KISA). These agencies specialize in dealing with North Korean threats and will assist in identifying the destination of the stolen tokens and freezing them. The collaboration between Orbit Chain and law enforcement agencies aims to adopt a proactive and comprehensive approach to the investigation.

Exploiting the Victims:

In a distressing turn of events, other hackers have taken advantage of the victims of the Orbit Chain hack. Using verified X accounts, these malicious actors are promoting phishing sites that impersonate refund portals. Unsuspecting individuals are tricked into connecting their wallets to these sites, only to have their funds drained as well. This secondary attack highlights the vulnerability of cryptocurrency users and the need for heightened awareness and caution.

Conclusion:

The recent hack of the Orbit Chain platform, resulting in the theft of $86 million, underscores the ongoing threat posed by hackers to cryptocurrency bridges. Lazarus, a North Korean state-sponsored threat actor, is suspected to be behind the attack, further highlighting the evolving tactics of state-sponsored cybercriminals. The incident serves as a reminder of the critical need for robust security measures in cryptocurrency projects and increased cooperation between industry players and law enforcement agencies. As the cryptocurrency landscape continues to expand, users must remain vigilant and exercise caution to protect their digital assets.