Crypto Gloom

Orbit Bridge hack: South Korea’s Orbit Chain loses $80 million in security breach

The new year started with a bang: Orbit Chain, a South Korean cross-chain bridging project, lost over $80 million in assets in a bridge hack. It is important to distinguish between Orbiter Finance and Orbit Chain, which are Ethereum-based bridges that share a similar name.

According to researchers using the pseudonym Officer_cia, the attackers successfully accessed 7 out of 10 multi-sig signers, resulting in a massive loss of $81.5 million. Multisig is designed to require multiple individual keyholders to verify transactions, with the aim of preventing single-party control of wallet assets.

The stolen funds mainly consisted of stablecoins, including $30 million USDT, $10 million USDC, and $10 million DAI. Additionally, approximately 231 WBTC ($10 million) and 9,500 ETH ($21.5 million) were part of the stolen assets.

Ongoing investigations and preventive measures

Hackers utilized brokerage addresses to route stolen funds through cryptocurrency mixers, complicating the tracking process. The Orbit Chain team quickly contacted cryptocurrency exchanges and urged them to freeze the stolen assets. At the same time, the team worked with law enforcement to track down the missing funds.

The project issued a warning telling users not to engage with refund claims amid the chaos of the hack.

Insecure Infrastructure and Previous Incidents

The Orbit Bridge incident is not the first security breach involving Ozys, the South Korean blockchain development company that led the project. Taylor Monahan, senior product manager at MetaMask, highlighted that Ozys’ other creations, KlaySwap and Belt Finance, have faced similar breaches in recent years.

Belt Finance saw losses of approximately $6 million in May 2021, and was potentially at risk of $60 million in August 2021. KlaySwap experienced a loss of nearly $2 million in February 2022. These incidents highlight the vulnerabilities of Ozys’ infrastructure, which require significant action, and offer lessons to learn from past mistakes.

Multi-signature vulnerabilities and migration attacks

Private key compromise has been a recurring theme in several major attacks within the cryptocurrency industry. Most notably, a similar issue in the Ronin Bridge hack in March 2022 resulted in $625 million in losses.

According to Quantstamp, a leading Web3 security company: “Compromised keys were the biggest threat of 2023.” A recent analysis by CertiK found that private key compromises accounted for a significant portion of security incidents, totaling $880 million across 47 incidents in 2023.

Learning from these incidents is critical for projects to strengthen their security measures and protect user trust. Taylor Monahan emphasized the importance of sharing lessons learned to prevent similar breaches in the future.