Cross-Chain Bridge Orbit Chain Hacker Finally Moves $48M to Tornado Cash: Arkham Data

CryptoNews.com · 2024-06-09T23:01:24+00:00

Hackers steal over $100M in ETH and DAI from Chain's cross-chain bridge, with $48M found transferred to Tornado Cash mixer. The hack took place five months ago, with the perpetrators having recently returned online. Analytics firm Arkham estimates that the hackers still hold over $66M in ETH, $20M in DAI and USDT. The attack followed similar patterns to those performed by the North Korean Lazarus Group.

CryptoNews.com

2024-06-09 23:01:24

Abstract generation in progress

Sujha Sundararajan

Last updated:

June 10, 2024 03:01 EDT | 1 min read

Orbit Chain, a platform that transacts with various blockchains, lost $82 million after hackers exploited the platform’s cross-chain bridge in the last few hours of 2023. Per recent reports, the hacker group has finally moved $48 million worth of stolen data to Tornado Cash mixer.

Blockchain analytics firm Arkham Intelligence revealed Sunday that the Orbit Chain perpetrators are back online after months of silence.

“In the past hour, the Orbit Chain Exploiter moved 8671 ETH ($32M) to a new address and is currently in the process of depositing it to Tornado Cash,” the ongoing update noted.

🚨ONGOING: $100M Orbit Chain Exploiter sends $32M to Tornado Cash after 5 months silence

In the past hour, the Orbit Chain Exploiter moved 8671 ETH ($32M) to a new address and is currently in the process of depositing it to Tornado Cash.

They stole over $100M in ETH and DAI… pic.twitter.com/Bq7BRdXqmc

— Arkham (@ArkhamIntel) June 8, 2024

Per Arkham’s estimates, the hackers stole over $100 million in ETH and DAI from Orbit Chain 5 months ago. “They still hold over $66M in ETH and over $20M in DAI and USDT,” Arkham wrote.

Per Arkham, the exploiter moved a total of 12,932 Ether (ETH) worth $48 million in two days, across 7 transactions. Further, Etherscan data also showed that the ETHs were sent through Tornado Cash in batches of 100 ETHs per transaction.

Inside the Orbit Chain’s Exploit

On the last day of 2023, cybercriminals drained millions in various assets, as a result of suspected compromised private keys. However, various theories exist, for instance, an ETH security community noted that the attack could be “a validator code exploit.”

Despite the protocol using multisig wallets to secure its assets, attackers generated transactions in ETH, USDT, DAI, USDC and WBTC.

Following the hack, reports surfaced that it might have been performed by the North Korean infamous Lazarus Group. Blockchain analysts from Match s found that the Orbit Chain hackers used the same tactics as those in several other high-profile attacks by Lazarus Group.

Metamask developer Taylor Monahan also agreed that the Orbit attack follows similar patterns to hacks carried out by Lazarus Group.

“Looks like 2024 is going to be another year of handing DPRK billions of dollars on a silver platter,” Monahan wrote on X at the time.

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.