Hackers successfully attacked Orbit Bridge, a key component of the Orbit Chain protocol, resulting in a substantial financial loss of approximately $82 million. The exploit involved unauthorized transactions of cryptocurrencies, including Tether, USD Coin, Ethereum, WBTC, and DAI. Initial breach reports were made known to the public through social media posts by users and blockchain security companies.
Just hours before the new year began, cybercriminals exploited Orbit Bridge, a bridging service of the Orbit Chain cross-chain protocol, resulting in the theft of approximately $82 million in cryptocurrency. Orbit Chain officially confirmed the attack today (Monday) but did not provide any details about the loss.
According to official confirmation, the attackers exploited the protocol on “December 31, 2023 08:52:47 PM.” +UTC”. The developers are now analyzing “the root cause of this problem” and “engaging with international law enforcement agencies.”
Orbit Chain, launched in 2018 in South Korea, is known for its focus on facilitating cross-chain transfers across various decentralized networks. It is used for asset transfers between EVM-compatible networks and the Klaytn network, a modular layer 1 blockchain.
Data from the Klaytn network block explorer reveals that eight of the largest assets on this network, by capitalization of total market, are assets involved in Orbit Bridge. Despite having a similar name, Orbit Chain is completely separate from Orbiter Finance, another cross-chain bridging protocol.
Blockchain Analysts Reveal Details
The protocol’s exploit potential was first pointed out by pseudonymous X (formerly Twitter) user @Kgjr, following a series of large departures from the Orbit Chain Bridge protocol. Many other blockchain analysts on Twitter also revealed similar analyses, including Blockchain detective Officer CIA and blockchain security firm Cyvers.
@Kgjr’s posted on X that it looked like “orbit bridge is getting drained right now, different fresh wallets for WBTC USDT USDC and DAI, test tx’s show up on orbit bridge scanner but bigger ones doesn’t.”
Arkham Intelligence, a blockchain analytics platform, noted that a total of $81.68 million worth of cryptocurrency was siphoned off the protocol in five separate transactions.
The largest transaction made by the attackers was $30 million in Tether, while the others are $10 million in USD Coin, 9,500 Ether worth over $21.6 million, 231 Wrapped Bitcoin (WBTC) worth approximately $9.8 million and the rest $10 million in the DAI algorithmic stablecoin. The cryptocurrencies were diverted to new wallet addresses.
Attacks on crypto platforms are common. Despite the constant efforts of developers, hackers find ways to exploit crypto platforms. According to a recent report, cryptocurrency users lost almost $2 billion to scams, pulls, and hacks in 2023. Notably, this figure becomes even more substantial when one takes into account the $40 billion lost to crashes of the stablecoin issuer Terraform Labs, the crypto lender Celsius, and the FTX exchange.
Impact and Response to the Exploit
The incident has sparked an extensive investigation, with blockchain security experts and the community struggling to understand the mechanisms and implications of the breach.
The Orbit Bridge exploit, a piece of critical infrastructure in the blockchain ecosystem, highlights the current challenges in ensuring the security of decentralized financial platforms. This breach impacts immediate stakeholders and raises broader concerns about the security and reliability of similar protocols in the blockchain space.
The response to this incident will be closely watched as it will lay a precedent on how the decentralized finance community handles major security breaches. The event also serves as a reminder of the importance of rigorous security measures and continuous vigilance in the ever-evolving landscape of blockchain technology.
By Audy Castaneda
