Orbit Chain Hacker Transfers $48M to Mixer

Orbit Chain, a platform that facilitates transactions with various blockchains, was hacked in the final hours of 2023 as hackers exploited the cross-chain bridge and ultimately transferred $48 million worth of stolen data to the Tornado Cash mixer.

Arkham Intelligence, a blockchain analytics firm, disclosed on Sunday that the perpetrators of the Orbit Chain have resumed their online activities following an extended period of silence.

According to the ongoing update, the Orbit Chain Exploiter has transferred 8671 ETH ($32M) to a new address and is depositing it into Tornado Cash within the last hour.

Five months ago, the hackers seized more than $100 million in ETH and DAI from Orbit Chain, according to Arkham’s estimates. Arkham wrote, “They continue to possess more than $66 million in ETH and more than $20 million in DAI and USDT.”

In two days, the exploiter executed seven transactions, resulting in 12,932 Ether (ETH) transactions valued at $48 million, according to Arkham. Additionally, the Etherscan data indicated that the ETHs were transferred through Tornado Cash in quantities of 100 ETHs per transaction.

The Exploit Within the Orbit Chain

As a consequence of suspected compromised private keys, cybercriminals siphoned millions from various assets on the final day of 2023. Nevertheless, there are a variety of hypotheses; for example, an ETH security community member reported that the attack could be “a validator code exploit.”

Despite the protocol’s implementation of multisig wallets to safeguard its assets, assailants generated transactions in ETH, USDT, DAI, USDC, and WBTC.

After the breach, allegations emerged that the notorious Lazarus Group of North Korea may have been responsible. The Orbit Chain hackers employed the same strategies as those used in numerous other high-profile assaults by Lazarus Group, according to blockchain analysts from Match Systems.

Taylor Monahan, the developer of Metamask, concurred that the Orbit attack exhibits patterns comparable to those of the breaches executed by the Lazarus Group.

Monahan wrote on X then, “It appears that 2024 will be another year in which the DPRK will be granted billions of dollars on a silver platter.”