Cross-chain bridge Orbit Chain has confirmed that it suffered an unauthorized breach of access to its ecosystem on Dec. 31 at 8:52 pm UTC.
Orbit Chain posted on X (formerly Twitter), saying it is currently conducting a “comprehensive analysis” of the cause of the breach alongside cybersecurity startup Theori.
Currently, a comprehensive analysis identifying
— Orbit Chain (@Orbit_Chain) January 1, 2024
the root cause of this issue is being carrried out with
with Theori.
We are actively engaging with international law enforcement agencies.
It also said it’s “actively engaging” with international law enforcement agencies.
Blockchain analytics platform Arkham Intelligence reported the losses totaled around $81.68 million in various cryptocurrencies, including Tether (USDT), USD Coin (USDC), Ether (ETH), Wrapped Bitcoin (WBTC) and Dai (DAI).
Orbit warned users not to fall for any scam reimbursement offers, which have begun circulating on social media under accounts with similarly named handles.
Related: Thunder Terminal claims funds safe after $240K attack, hacker says otherwise
Orbit users have slowly started to reach out to the platform on social media, asking for transactions to be canceled and to receive funds back. One user said their transaction is still pending validation.
Can you please cancel the pending transactions/bridging attempts ? I didn't know that you guys got hacked and i just want my tokens back.
— 0xwisp (@Wisp0x) January 1, 2024
The transaction hasn't been yet confirmed by a validator. Please.
Another user posted that users are confused and “on edge” waiting for validators, saying that no one is answering requests.
Please answer the question when you will connect validators. Moreover, most transactions for completely different tokens are now expected to take 24 hours. Could you pleasee nable validators already? People are confused and on edge. Nobody is answering. Comments were closed.
— Tutkin | ❤️ Memecoin (@KTutkin72296) January 1, 2024
Orbit Chain has yet to publicly respond to any of these questions from users.
The platform started in 2018 in South Korea as a multi-asset blockchain for cross-chain transactions between decentralized networks. It is often used to transfer assets between Ethereum Virtual Machine-compatible networks and Klaytn.
According to an end-of-the-year report from blockchain security platform Immunefi, $1.8 billion was lost to Web3 hackers and scammers in 2023. Of this amount, 17% can be accredited to the North Korean hackers Lazarus Group.
The attack on peer-to-peer trading platform Mixin Network came in as the year’s largest exploit, with a total of over $200 million in losses.
Magazine: DeFi’s billion-dollar secret: The insiders responsible for hacks