Hackers quietly loot $81M in crypto assets from Orbit Chain


While most of the world was ringing in the New Year, unnamed hackers silently made off with nearly $82 million in crypto assets by exploiting Orbit Chain’s decentralized cross-chain protocol, known as Orbit Bridge.

The South Korean-based company announced the breach January 1st on X, while several blockchain insiders also began posting about the suspicious activity on December 31st, as first reported by the fintech and crypto news outlet Cointelegraph.

“Urgent. Dear Orbit Bridge Users, An unidentified access to Orbit Bridge, a decentralized Cross-chain protocol, was confirmed on Dec-31-2023 08:52:47 PM +UTC. Further information regarding the issue will be updated,” Orbit Chain said.

ADVERTISEMENT

The blockchain monitoring group Arkham Intelligence shows that on December 31st, Orbit Chain’s balance history was listed at around $127 million in assets.

On January 1st, the same Orbit Chain dashboard shows a dramatically decreased balance of only $29 million and change.

After crunching the numbers listed with each transaction, Orbit Chain was bilked out of an estimated $81.7 million, said Cointelegraph.

Orbit Chain hack
Orbit Chain Bridge dashboard. Image by Arkham Intelligence.

Since then, Orbit Chain revealed Tuesday its team “has identified a significant clue in the process of tracing the stolen funds… and is intensifying its efforts to track the fund based on the clue.”

“In order to resolve this issue, the Orbit Chain team will utilize all available methods to track down the hackers and recover the funds,” Orbit Chain said.

The Korean National Police Agency and KISA (Korea Internet & Security Agency) have also been brought in on the case.

ADVERTISEMENT

“The Orbit Chain Team will not cease its efforts to resolve the issue promptly and sincerely requests active participation from the community in this regard,” the company said.

How it went down

On December 31st, Crypto experts at ChainLight (among other X posters first exposing the anomalous transactions) posted a screenshot of more than a dozen withdrawals from Orbit Chain’s Ethereum cryptocurrency vault.

“On December 31st, 2023, at 9:07:59 PM UTC, an unauthorized transaction was detected in the @Orbit_Chain Ethereum L1 Vault, involving assets like DAI, USDC, USDT, ETH, WBTC. We are actively investigating this issue,” ChainLight said

Orbit chain thanks another X user, who even went so far to pt together an elaborate diagram of how the hack may have taken place, calling the entire situation “embarrassing af.”

Orbit Chain followed up on X with several posts containing hashed transaction ID’s (TXID) and numerous wallet addresses where the funds allegedly were sent to, hoping to spread the word and get help from the public domain in tracing the stolen funds.

Immediately after announcing the attack, Orbit Chain announced it was working diligently with law enforcement and global security experts to “track down and freeze the assets that have been stolen.”

ADVERTISEMENT

The company also appealed to not only the hackers through several sent messages, but to “26 global security companies” to help track the stolen funds in real-time, as well as other exchanges to freeze the assets to prevent further transactions.

As of this report, “the stolen assets remain unmoved,” Orbit Chain said.

Launched in 2019, the Orbit blockchain ecosystem was designed to support communication and facilitate seamless transactions between multiple blockchain networks and projects, according to its website.

Orbit Bridge is the decentralized platform supporting the Inter-Blockchain Communication Protocol (IBC) technology.