Connect with us

Hi, what are you looking for?

Income Innovator HubIncome Innovator Hub

Editor's Pick

Orbit Bridge Hacker Suspected in Coinspaid and Coinex Breaches

Source: AdobeStock / Tamara

Blockchain analysts from Match Systems have found that the Orbit Chain hackers used the same tactics as those in several other high-profile attacks – suggesting that a cybercrime organization, possibly the infamous Lazarus Group, stands behind these hacks.

This criminal group seems to have been busy last year. Cointelegraph cited a January 3, 2024, report by Match Systems, naming Coinspaid, Coinex, and Atomic Wallet among the group’s victims.

Per the report,

“[The analysis] gives reason to believe that the same criminal group may be involved in the hacking of the Orbit bridge, which in 2023 had previously committed several large hacks of the cryptocurrency services Atomic wallet, CoinsPaid, CoinEx, etc., using tools and patterns of the well-known Lazarus group.”

As the new year approached, hackers exploited Orbit Bridge, the cross-chain bridging service of a South Korean-based multi-asset Orbit Chain, making off with $82 million.

Read more: Are Hackers Two Steps Ahead of Security in a Cat-and-Mouse Game? Experts Answer

Common Threads


The analysts found that the hackers used Tornado Cash. They had gas funds from other accounts that withdrew them from the popular crypto mixer.

A mixer does ‘mixes’ different funds in order to obscure the trail leading back to the original sources. Therefore, hackers use it to mix their identifiable funds with others’ funds.

That said, Match System reportedly ‘de-mixed’ the funds using specialized software. It analyzed the “characteristics and patterns before and after the Tornado.cash mixer, considering transaction volumes and dates/times, as well as other specialized methods.”

What the team discovered was a group of addresses. One of them used the SWFT protocol to transfer funds to other addresses. The protocol was also used in the DFX Finance, Deribit, and AscendEX attacks.

Following the Oribit attack, a portion of the funds sent through SWFT traveled through a number of chains, gathering in a Tron wallet. It was then transferred to an exchange and cashed out.

Another common factor, the analysts argue, is that the attackers used Avalanche Bridge and Sinbad in the Orbit attack and several earlier attacks.

Per the team,

“[These are] tools and patterns of the well-known Lazarus group.”

Read more: Blockchain Association Sues OFAC Over Sanctions on Tornado Cash

Lazarus was Responsible for a Fifth of Total Losses in 2023


The North Korea-affiliated hacker group Lazarus was responsible for $308.6 million stolen in 2023, the major bug bounty and security services platform Immunefi found. This is a whopping 17% of the total year losses.

The group was allegedly behind the high-profile attacks on Atomic WalletCoinExAlphapoStakeCoinsPaid, and the massive Ronin Network attack, resulting in a $625 million loss.

Source: Immunefi

The Immunefi team recently published a report focusing specifically on the Lazarus Group. It found that, between 2021 and 2023, the group stole $1,903,600,000 across the Web3 ecosystem.

In December, Immunefi CEO Mitchell Amador commented that,

“As we approach 2024, their escalating sophistication is concerning. Their proficiency in exploiting infrastructure vulnerabilities, smart contract weaknesses, as well as their meticulous social engineering operations, underscores their emergence as perhaps the most pressing threat to web3 today.”

Read more: Record Losses in Web3 May Be Coming as Crypto Prices Rise: Immunefi

The post Orbit Bridge Hacker Suspected in Coinspaid and Coinex Breaches appeared first on Cryptonews.

Enter Your Information Below To Receive Latest News, And Articles.

    Stay updated with the latest news, exclusive offers, and special promotions. Sign up now and be the first to know! As a member, you'll receive curated content, insider tips, and invitations to exclusive events. Don't miss out on being part of something special.


    By opting in you agree to receive emails from us and our affiliates. Your information is secure and your privacy is protected.
    Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

    You May Also Like

    Editor's Pick

    Source: Ark Invest / Instagram ARK Investment Management, led by prominent investor Cathie Wood, has reduced its holdings in the Grayscale Bitcoin Trust (GBTC)...

    Latest News

    A super PAC that has overseen much of Ron DeSantis’s presidential operation has fired its CEO less than two weeks after the previous chief...

    Latest News

    WINDHAM, N.H. — It’s pouring rain Saturday morning as New Hampshire Gov. Chris Sununu (R) arrives at Mary Ann’s diner in Windham, fielding calls...

    Stock

    Popeyes is expanding its menu beyond chicken sandwiches — and it’s a permanent change this time. The fast-food chain announced Wednesday it’s adding five...

    Disclaimer: Incomeinnovatorhub.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.


    Copyright © 2024 incomeinnovatorhub.com