Orbit Chain loses $86 million in the last fintech hack of 2023

Orbit Chain has experienced a security breach that has resulted in a loss of $86 million in cryptocurrency, particularly Ether, Dai, Tether, and USD Coin.
Orbit Chain is a blockchain platform designed to function as a multi-asset hub, supporting interoperability between various blockchains, decentralized applications, and services.
The platform isn't directly used by investors to buy assets or services but is more of a blockchain infrastructure project that supports the broader ecosystem.
The first unauthorized transaction of a series of drain attacks involving multiple asset types and performed by unidentified hackers occurred on December 31, 2023, at 9:07:59 PM UTC. Blockchain intelligence platform Arkham reports that Orbit Chain's balance went from $115M to $29M instantly, meaning that the losses are estimated to be about $86,000,000.
The nature of the exploit leveraged by the hackers to perform the attack remains unknown at this time.
Although the attackers' identity and origin haven't been determined, they carry signs of sophisticated state-sponsored attackers believed to be based out of North Korea.
Orbit Chain says it is working with the Korean National Police Agency and Korea's Internet and Security Agency, which specialize in North Korean threats.
DPRK hacking groups like Lazarus have been implicated in various cryptocurrency-related cyberattacks throughout 2023, with the stolen amounts seen as a means to bypass international sanctions and finance the country's weapons development program and cyber operations.
Blockchain experts also point out that Orbit Bridge is an Ozys project, which also owns Belt Finance and KlaySwap, both previously hacked, likely by sophisticated state-sponsored actors who employed Border Gateway Protocol hijack.
The stolen funds from the recent Orbit Chain hack are being tracked with the help of multiple international partners, and an extensive effort is underway to freeze the stolen assets.
Orbit Chain is also warning that scammers are using verified accounts on X to promote phishing sites pretending to be refund portals to trick people into connecting their wallets.
Once a wallet is connected, malicious scripts will drain all assets and NFTs from the wallet.
Blockchain threat tracking service Scam Sniffer reported that throughout 2023, wallet drainers stole $295 million from over 320k victims, with the most notable cases being Inferno Drainer and MS Drainer.
New macOS 'KandyKorn' malware targets cryptocurrency engineers.
Ex-Amazon engineer pleads guilty to hacking crypto exchanges.
Multiple NFT collections at risk by flaw in open-source library.
North Korea's state hackers stole $3 billion in crypto since 2017.
Ethereum feature abused to steal $60 million from 99K victims.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 02 Jan 2024 20:40:06 +0000


Cyber News related to Orbit Chain loses $86 million in the last fintech hack of 2023

Digital Transformation in the Financial Industry: The Role of Fintech - Fintech companies are providing innovative solutions to help customers save money and manage risk more effectively than ever before; they're also fueling innovation within traditional banks themselves by creating new products based on customer ...
11 months ago Hackread.com
Unleashing the Power of AI - Welcome to the next article in our series on mastering API integration, specifically tailored for the fintech industry. As product managers, understanding and harnessing AI in fintech API management is essential for optimizing operations, enhancing ...
10 months ago Feeds.dzone.com
Orbit Chain loses $86 million in the last fintech hack of 2023 - Orbit Chain has experienced a security breach that has resulted in a loss of $86 million in cryptocurrency, particularly Ether, Dai, Tether, and USD Coin. Orbit Chain is a blockchain platform designed to function as a multi-asset hub, supporting ...
10 months ago Bleepingcomputer.com
Orbit Chain Loses $86M in Cross-Chain Bridge Hack - Orbit Chain, a South Korean platform designed to act as a multi-asset blockchain hub, revealed a massive breach on December 31, 2023. Orbit Chain revealed specifics of the theft in a series of posts on X, saying the hacker employed cryptocurrency ...
10 months ago Cysecurity.news
Korean National Police Agency investigating $81 million crypto theft from Orbit Chain - Crypto platform Orbit Chain said it is working with the Korean National Police Agency and Korea Internet & Security Agency to address a cyberattack that led to the theft of more than $81 million worth of cryptocurrency. On the night of New Years Eve, ...
10 months ago Therecord.media
A top-secret Chinese spy satellite just launched on a supersized rocket - China's largest rocket apparently wasn't big enough to launch the country's newest spy satellite, so engineers gave the rocket an upgrade. The Long March 5 launcher flew with a payload fairing some 20 feet taller than its usual nose cone when it took ...
10 months ago Packetstormsecurity.com
Software Supply Chain Security Checklist - In the ever-evolving landscape of digital innovation, the integrity of software supply chains has become a pivotal cornerstone for organizational security. Software supply chain security is not just about protecting code - it's about safeguarding the ...
9 months ago Feeds.dzone.com
New "MITRE ATT&CK-like" framework outlines software supply chain attack TTPs - A new open framework seeks to outline a comprehensive and actionable way for businesses and security teams to understand attacker behaviors and techniques specifically impacting the software supply chain. The Open Software Supply Chain Attack ...
1 year ago Csoonline.com
Hack The Box Launches 5th Annual University CTF Competition - PRESS RELEASE. Hack The Box, the leading gamified cybersecurity upskilling, certification, and talent assessment platform, is announcing its fifth annual global University Capture The Flag competition that will take place from December 8 to 10, 2023. ...
11 months ago Darkreading.com
HTX exchange loses $13.6M in hot wallet hack: Report - HTX, formerly Huobi Global, suffered an estimated loss of $13.6 million as part of a $86.6 million exploit against the HECO Chain bridge on Nov. 22. According to a report from blockchain security firm Cyvers, the losses stem from three compromised ...
11 months ago Cointelegraph.com
Mandiant's Twitter account hacked to push cryptocurrency scam - The Twitter account of American cybersecurity firm and Google subsidiary Mandiant was hijacked earlier today to impersonate the Phantom crypto wallet and share a cryptocurrency scam. In tests by BleepingComputer, those who click the 'Claim Aidrop' ...
10 months ago Bleepingcomputer.com
Mandiant's account on X hacked to push cryptocurrency scam - The Twitter account of American cybersecurity firm and Google subsidiary Mandiant was hijacked earlier today to impersonate the Phantom crypto wallet and share a cryptocurrency scam. In tests by BleepingComputer, those who click the 'Claim Aidrop' ...
10 months ago Bleepingcomputer.com
Rising fintech trends for 2024: From A2A payments to GenAI in banking - The fintech market is undergoing a rapid shift, with the rise of new technologies, such as Open Finance, generative AI and A2A payments having a major impact on business models, according to Juniper Research. This is combined with unprecedented ...
10 months ago Helpnetsecurity.com
Congressman Coming for Answers After No-Fly List Hack - U.S. Congressman Bennie Thompson is demanding answers from airlines and the federal government after a "massive hack" of the no-fly list. The congressman sent a letter to the airlines and the Department of Homeland Security asking for an explanation ...
1 year ago Therecord.media
Misconfigured Firebase Instances Expose 125 Million User Records - Hundreds of websites misconfigured Google Firebase, leaking more than 125 million user records, including plaintext passwords, security researchers warn. It all started with the hacking of Chattr, the AI hiring system that serves multiple ...
7 months ago Securityweek.com
LastPass breach linked to theft of $4.4 million in crypto - Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents. The news comes ...
11 months ago Bleepingcomputer.com
CISA Announces Renewal of the Information and Communications Technology Supply Chain Risk Management Task Force - The Task Force, chaired by CISA's National Risk Management Center and the Information Technology and Communications Sector Coordinating Councils, is a public-private partnership composed of a diverse range of representatives from public and private ...
9 months ago Cisa.gov
T-Mobile pays $31.5 million FCC settlement over 4 data breaches - "With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to ...
1 month ago Bleepingcomputer.com
ACM will no longer cross sign certificates with Starfield Class 2 starting August 2024 - AWS Certificate Manager is a managed service that you can use to provision, manage, and deploy public and private TLS certificates for use with Elastic Load Balancing, Amazon CloudFront, Amazon API Gateway, and other integrated AWS services. Starting ...
4 months ago Aws.amazon.com
Insomniac hack files leak news on Wolverine, Spider-Man 3, and more - Oli Welsh is senior editor, U.K., providing news, analysis, and criticism of film, TV, and games. He has been covering the business & culture of video games for two decades. The ransomware group that hacked Spider-Man 2 developer Insomniac Games on ...
10 months ago Polygon.com
Poking holes in Google products bagged bug hunters $10M The Register - Google awarded $10 million to 632 bug hunters last year through its vulnerability reward programs. The web goliath's 2023 total represents a slight dip compared to the $12 million in bounties it paid the previous year. Hopefully this means ...
7 months ago Go.theregister.com
Key Takeaways from the 2024 Crypto Crime Mid-Year Update | Tripwire - Contrary to what one might expect, aggregate illicit activity on the blockchain decreased 19.6% from H1 2023 to H1 2024, falling from $20.9B to $16.7B. Although ChainAnalysis notes that illicit activity totals will likely rise over time, these ...
1 month ago Tripwire.com
The past year was the most detrimental for digital currency security breaches, with North Korean organizations profiting. - In 2022, cyberattacks on cryptocurrency platforms resulted in the theft of almost $4 billion, with a large portion of the activity being attributed to hackers working on behalf of the North Korean government. According to blockchain research firm ...
1 year ago Therecord.media
Delta Dental of California Discloses Data Breach Impacting 6.9 Million People - Dental insurance giant Delta Dental of California is informing more than 6.9 million individuals that their personal information was compromised as result of the MOVEit hacking incident. In notification letters it started sending out last week to the ...
10 months ago Securityweek.com
Ethereum feature abused to steal $60 million from 99K victims - Malicious actors have been abusing Ethereum's 'Create2' function to bypass wallet security alerts and poison cryptocurrency addresses, which led to stealing $60,000,000 worth of cryptocurrency from 99,000 people in six months. This is reported by ...
11 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)