Blockchain analysts from Match Systems uncovered connections between the recent $81.5 million heist from Orbit Chain and other high-profile crypto cyberattacks in 2023. This revelation ties the Orbit Chain incident to attacks on platforms such as CoinsPaid, CoinEx, and Atomic Wallet, suggesting the involvement of an organized cybercrime group.
The report from Match Systems points to similarities in the attack methods used in these breaches, notably the use of tools and patterns associated with the infamous Lazarus group, a well-known cybercriminal syndicate. The analysis conducted by Match Systems involved intricate tracing of the Orbit attacker’s activity on the blockchain. This led to the discovery that the attacker’s account received initial funding from sources that had withdrawn funds from Tornado Cash, a privacy protocol often used to conceal the origins of cryptocurrency.
The intricate process of ‘de-mixing,’ utilizing specialized software, was key in identifying the flow of funds. This method unveiled a network of addresses linked to the thefts, with one in particular using the SWFT protocol for fund transfers. These funds were eventually traced to a single Tron wallet, which then moved the assets into an unknown exchange, speculated to be based in the Commonwealth of Independent States region.
Patterns of a pervasive threat
The use of specific protocols such as SWFT, Avalanche Bridge, and Sinbad in these attacks provides further evidence of a common perpetrator. This pattern of behavior also aligns with the tactics employed in the 2023 hacks of Atomic Wallet and CoinsPaid, which the U.S. Federal Bureau of Investigation attributes to the Lazarus group. These consistencies in attack methodologies suggest a singular, sophisticated entity behind these significant security breaches.
This series of attacks underscores the persistent and evolving threats facing the cryptocurrency industry. Despite the high-tech nature of these platforms, they remain vulnerable to sophisticated cybercriminals who continuously adapt their strategies to exploit weaknesses.
Impact on Orbit Chain and the crypto sector
The attack on Orbit Chain’s Ethereum vault, which resulted in the loss of significant assets in ETH and the dai stablecoin, marks another substantial blow to the cryptocurrency community. The immediate aftermath saw a decrease in the market cap of Orbit Chain’s native token, ORC, though it has since shown signs of recovery.
This incident, part of a larger pattern of cyberattacks, reflects a broader challenge within the cryptocurrency sector. Despite advances in security, the industry continues to grapple with vulnerabilities that leave platforms susceptible to theft and fraud. According to De.Fi, a security app, cryptocurrency users lost nearly $2 billion to scams and hacks in 2023. While this represents a decrease from the previous year, it emphasizes the ongoing risk and the need for heightened security measures.
The Orbit Chain hack, which capped a year of significant Web3 protocol exploits, highlights the critical need for enhanced security protocols and vigilant monitoring within the cryptocurrency landscape.