On the eve of New Year's, December 31, 2023, the Orbit Chain, a prominent blockchain platform functioning as a multi-asset hub for interoperability between various blockchains and decentralised applications, fell victim to a sophisticated cyberattack that targeted its infrastructure.
Behind the Breach
The initial unauthorised transaction, part of a series of drain attacks, was detected on December 31, 2023, at 9:07:59 PM UTC. A time that might have been strategically chosen to take advantage of reduced vigilance and potential gaps in security monitoring.
The attackers funded a wallet using a sanctioned privacy protocol, Tornado Cash, before carrying out the attack, adding a layer of complexity and demonstrating a sophisticated approach. The exact nature of the exploit remains undisclosed, but the manner of the attack indicates a compromise of credentials or private keys that potentially occurred months before the actual hack was executed.
The estimated total loss amounts to around $81.5 million across the below stolen assets:
ETH: $21.7 million
DAI: $10 million
USDT: $30 million
USDC: $10 million
WBTC: $9.8 million
Lessons from the Incident
Bridges, while essential for interoperability in the blockchain ecosystem, have become targets for sophisticated cybercriminals due to the large volume of funds they hold and manage. The high complexity of the contracts that govern them, as well as less bridge specific vulnerabilities like key management and security allow for numerous attack vectors making them prime targets for hacks.
Implementing more robust multisig (multi-signature) systems and continuous monitoring for unusual activities, are essential. Additionally, implementing rigorous auditing processes and considering potential transaction replay bugs identified in previous audits can help in strengthening the security posture of such platforms.
Rivanorth is a global boutique Web3 cybersecurity company. We specialise in smart contract audits and blockchain security advisory. Visit rivanorth.com to find out more.
You build the future. We help you secure it.