In a significant cybersecurity incident, Orbit Chain, a blockchain platform serving as a multi-asset hub, has suffered a massive security breach leading to the loss of $86 million in cryptocurrencies, including Ether, Dai, Tether, and USD Coin. This platform, integral to the blockchain ecosystem, facilitates interoperability among various blockchains, decentralized applications (DApps), and services. Not directly engaged in asset transactions, Orbit Chain primarily supports infrastructure within the blockchain network.
The breach occurred on December 31, 2023, at 9:07:59 PM UTC, marking the start of a series of unauthorized transactions by unidentified attackers. According to Arkham, a blockchain intelligence firm, the balance of Orbit Chain plummeted from $115 million to $29 million in a short span, confirming the significant financial impact. The exact method used by the hackers remains unclear, though the sophistication of the attack suggests potential state-sponsored involvement, with North Korea being a suspect.
Orbit Chain is actively collaborating with Korean law enforcement agencies, including the Korean National Police Agency and the Korea Internet & Security Agency, to investigate the breach. These agencies have expertise in handling cyber threats from North Korea. Notably, DPRK-linked hacking groups, such as Lazarus, have been implicated in numerous cryptocurrency thefts throughout 2023, often seen as tactics to circumvent international sanctions and fund North Korea's weapons development and cyber operations.
Experts highlight that Orbit Chain is part of Ozys, a company that owns other platforms like Belt Finance and KlaySwap, which have also experienced similar breaches in the past. The current theft is being rigorously tracked by international partners, with efforts to freeze the stolen assets.
Moreover, Orbit Chain warns of scammers exploiting the situation by promoting fake refund portals through verified accounts. These phishing attempts aim to trick users into connecting their wallets, leading to the theft of their assets and NFTs. Scam Sniffer, a blockchain threat tracking service, reported that wallet drainers like Inferno Drainer and MS Drainer have stolen $295 million from over 320,000 victims in 2023, underscoring the rising threat in the cryptocurrency space.