Rewertz Threat Update – Orbit Chain Breach Results in Theft of Over $81 Million in Cryptocurrency

Severity

High

Analysis Summary

Cybercriminals have breached Orbit Chain and managed to steal more than $81 million worth of crypto assets. The company states that it has launched an investigation with the help of the Korean Internet & Security Agency (KISA) and the Korean National Police Agency.

Orbit Chain is a multi-asset blockchain platform that helps connect many different blockchains via Inter-Blockchain Communication (IBC). Its goal is to become a center for the easy transfer of assets and data between various blockchain ecosystems.

The company’s security team has developed a system for investigation support and cause analysis with external cybersecurity organizations and the Korean police that enables a better investigation approach. The unauthorized transactions started on 31^st December 2023 and involved various assets. Researchers from blockchain security firms also warned about suspicious withdrawals from the Orbit Chain platform.

Orbit Chain is working with other cryptocurrency exchanges to try and freeze the stolen crypto assets. Security experts are attributing the attack to North Korean threat actors who have recently been involved in many other attacks targeting organizations in the cryptocurrency industry over the past few years.

Cryptocurrency users need to be vigilant and not engage in any scams that are currently circulating using stolen crypto assets. Also be wary of fake crypto scam accounts that have increased their presence a lot on social media like Twitter, impersonating the real accounts of popular blockchains.

Impact

• Cryptocurrency Theft
• Financial Loss

Remediation

• Cryptocurrency companies should bolster their overall security posture by implementing advanced security measures, including multi-factor authentication (MFA), strong access controls, and encryption.
• Conduct regular security audits and vulnerability assessments to identify and remediate potential weaknesses within cryptocurrency platforms and wallets.
• Educate users about security best practices, including how to recognize phishing attempts, safeguard private keys, and enable strong authentication methods.
• Perform red team exercises to simulate attacks and identify vulnerabilities.
• Deploy advanced threat detection tools that monitor for anomalous activities and unauthorized access attempts on cryptocurrency platforms.
• Exercise caution when clicking cryptocurrency-related ads.
• Be vigilant and thoroughly research platforms before connecting cryptocurrency wallets.