Orbit Chain project suffers an attack, resulting in a loss of approximately 80 million USD

At the beginning of the New Year 2024, the cross-chain bridge platform Orbit Chain encountered a major security incident, with losses amounting to approximately $80 million. According to the security monitoring platform, the attackers had already begun small-scale probing a day earlier and used the stolen ETH to fund subsequent large-scale attacks.

Currently, the project party has suspended the operation of the cross-chain bridge contract and is attempting to communicate with the attacker. Security experts have conducted an in-depth analysis of the incident, revealing the specific methods of the attack and the flow of funds.

Attack Method Analysis

Attackers primarily transfer assets by directly calling the withdraw function of the Orbit Chain bridging contract. This function employs a signature verification mechanism to ensure the legality of withdrawals. Further analysis reveals that the contract requires at least 70% of the administrators (i.e., 7 out of 10 administrators) to sign the withdrawal transaction in order to execute it.

Experts speculate that this incident is likely due to the server storing the administrator's private key being subjected to a phishing attack. This highlights the importance of properly safeguarding private keys within a multi-signature mechanism.

Attack Timeline

• December 30, 2023: The attacker began small-scale probing attacks, stealing a small amount of ETH and distributing it to other attack addresses as transaction fees.
• On the evening of December 31, 2023: Multiple attack addresses simultaneously launched large-scale attacks on assets such as DAI, WBTC, ETH, USDC, and USDT.

Flow of Stolen Funds

The attacker will disperse the stolen funds to 5 different addresses:

• 30 million USDT
• 10 million DAI
• 10 million USDC
• 231 wBTC (approximately 10 million USD)
• 9500 ETH (approximately 21.5 million USD)

Security Insights

This event reminds us once again that security should always be the top priority when designing and implementing blockchain systems. Specific recommendations include:

1. Enhance the security of contract code by following best practices and security standards.
2. Improve the identity verification and permissions management mechanisms
3. Adopt advanced security measures such as multi-signature.
4. Conduct regular security audits and vulnerability assessments.
5. Establish an emergency response plan to improve incident handling capability.

In today's rapidly developing decentralized finance landscape, both project teams and users should remain vigilant at all times, prioritizing security to jointly maintain the healthy development of the blockchain ecosystem.