Just hours before the dawn of the new year, cybercriminals executed a daring attack on Orbit Bridge, a bridging service associated with the cross-chain protocol known as Orbit Chain.
This audacious breach resulted in the illicit acquisition of approximately $82 million worth of cryptocurrencies.
While the attack had been officially acknowledged by Orbit Chain on a Monday, no specific details regarding the extent of the loss were provided.
According to the official confirmation, the attackers successfully exploited the protocol on December 31, 2023, at precisely 08:52:47 PM +UTC.
At present, the development team is diligently investigating the root cause of this alarming security breach and actively collaborating with international law enforcement agencies in pursuit of the perpetrators.
Orbit Chain, originally launched in South Korea back in 2018, has carved a niche for itself by facilitating cross-chain transfers among various decentralized protocols.
It maintains strong ties with the Klaytn network, a modular layer-1 blockchain, and primarily serves as a conduit for asset transfers between EVM-compatible networks and Klaytn.
The initial indications of a potential exploit in the protocol were brought to light by an anonymous user known as Kgjr (formerly active on Twitter).
Kgjr’s suspicions were aroused following a series of substantial outflows from the Orbit Chain Bridge protocol.
Numerous other blockchain analysts on Twitter subsequently corroborated these findings.
One blockchain analysis platform, Arkham Intelligence, identified a total of $81.68 million in cryptocurrencies that had been siphoned from the protocol through five distinct transactions.
The most substantial of these transactions involved the pilfering of $30 million in Tether, while the remaining funds were distributed across various assets, including $10 million in USD Coin, 9,500 Ether valued at over $21.6 million, 231 Wrapped Bitcoin (WBTC) tokens worth approximately $9.8 million, and an additional $10 million in the algorithmic stablecoin DAI.
The ill-gotten cryptocurrencies were discreetly funneled into new wallet addresses to further obscure the identity of the perpetrators.
Regrettably, attacks on cryptocurrency platforms are far from uncommon, despite developers’ unceasing efforts to bolster security measures.
A recent report revealed that in 2023 alone, crypto users suffered losses amounting to nearly $2 billion due to scams, rug pulls, and hacking incidents.
Notably, this figure escalated significantly when factoring in the $40 billion lost as a result of the collapses of stablecoin issuer Terraform Labs, cryptocurrency lender Celsius, and the FTX exchange.