Over $81 Million Worth of Crypto Stolen in High-Profile Orbit Chain Heist

Crypto platform Orbit Chain was recently targeted by a significant cyberattack, during which threat actors siphoned more than $81 million worth of cryptocurrency.

The company is working with Korea’s Internet & Security Agency (KISA), the Korean National Police Agency, and blockchain security company ChainLight to investigate the incident.

Orbit Chain Loses Millions in Crypto

Orbit Chain is a multi-asset blockchain platform facilitating interoperability between various blockchain ecosystems. Unlike blockchain platforms where investors directly buy crypto assets or services, Orbit Chain’s role is more supportive and foundational in the ecosystem. In other words, Orbit Chain can be seen as a backbone that helps overcome the limitations posed by siloed or isolated blockchains.

Given the volatile nature of crypto, it’s hard to pin down the losses caused by the cyber incident. However, the breach led to a loss of approximately $86 million worth of crypto, including Ether, Tether, Dai, and USD Coin.

Attacker Used TornadoCash Before the Attack

The breach involved a series of unauthorized transactions that started on Dec 31 2023. Reportedly, before the attack unfolded, the unknown attacker funded a wallet using the sanctioned crypto tumbler TornadoCash.

During the incident, the perpetrator attacked the platform’s Ethereum vault and sent the proceeds to numerous ETH wallets, currently holding around $64 million worth of ETH and $18 million of DAI. According to Orbit Chain’s update on X, the ill-gotten gains remain “unmoved.”

All Fingers Point to DPRK

Metamask developer Taylor Monahan points out that the Orbit Bridge attack looks “methodical,” following patterns similar to cyberattacks carried out by North Korean (DPRK) state-backed hackers, such as the infamous Lazarus Group.

Protecting Against Crypto Scams

Meanwhile, concerns are rising about scammers who try to capitalize on the heist by setting up fake refund portals and using verified accounts on X to promote them. Users should avoid connecting their wallets to suspicious websites, especially immediately after cybersecurity incidents like the Orbit Bridge attack.

These websites mainly employ malicious scripts that drain crypto assets and NFTs from connected wallets. The worst part is that these transactions are irreversible.

In this uncertain climate, understanding how threat actors operate can help you stay one step ahead and dodge the wave of crypto scams. Dedicated security software like Bitdefender Ultimate Security can also boost your cyber defenses against digital threats, including phishing attempts, scam emails, viruses, worms, Trojans, ransomware, spyware, rootkits, and zero-day exploits.