Cryptocurrency trading is speculative and your capital is at risk when you trade. We may earn affiliate commissions from some of the products on this page - at no extra cost to you.
Orbit Chain Hacker Moves $48M to Tornado Cash After Months of Post-hack Dormancy


  • The individual or group behind the $82 million hack of cross-chain bridge Orbit Chain has appeared after a period of dormancy to move about $48 million in funds.
  • The firm has not yet provided detailed information.
  • Orbit Chain suspects its ex-Chief Information Security Officer is responsible for the attack.

The exploiter behind the $82 million Orbit Chain hack on New Year’s Eve recently transferred $47.7 million to the cryptocurrency privacy mixer Tornado Cash after five months of dormancy. Following the exploit, the funds “remained unmoved” from the addresses where the leaked funds were stored. On June 8, 12,932 Ether (ETH) valued at $47.7 million was transferred across seven transactions to a new address, which then sent the funds to the crypto mixer Tornado Cash.

Orbit Chain Loses $82M in Cross-Chain Bridge Exploit

Cybercriminals exploited Orbit Bridge, a bridging service of the cross-chain protocol Orbit Chain, on Dec-31-2023 at 08:52:47 PM +UTC, leading to the theft of approximately $82 million worth of cryptocurrencies. Orbit Chain officially confirmed the attack on Jan 1, 2024.

The company collaborated with international law enforcement and worked with the security firm Theoria to identify the root cause. Following the attack, Orbit Chain disclosed specific details. The firm attacker utilized Tornado Cash to provide initial ETH for the attack and then employed multiple wallet addresses to receive the stolen cryptocurrency.

Though Orbit Chain did not specify the amount stolen during the attack, the security firm PeckShield estimated the loss at $81.5 million. It noted that the stolen amount includes $30 million in USDT, 230.879 WBTC (worth $10 million), $10 million in USDC, $10 million in DAI, and 9,500 ETH (worth $22 million). Moreover, it provided a chart indicating that the attacker used the decentralized exchange Uniswap to convert some of the stolen funds into ETH.

On Jan. 11, Orbit Chain said:

“Those who provide decisive intelligence that leads to identifying the attacker or recovering stolen assets will receive the bounty. As a maximum reward, we are offering $8M USD.”

Hack Steal Nearly $100M: Arkham Intelligence

The exploit was first reported to have caused $82 million in losses, but Arkham now suggests it was closer to $100 million. Arkham noted, “They stole over $100M in ETH and DAI from Orbit Chain 5 months ago and have been silent since.” Furthermore, Etherscan data reveals that the majority of the $47.7 million in Ether sent through Tornado Cash were in batches of 100 ETH. 

The exploit did not transfer the stolen $20 million in DAI or any other extracted coins from the cross-chain bridge. Their balance now stands at $71.2 million, comprising $51.1 million in Ether and minor holdings of wrapped Bitcoin, wrapped Ethereum, Orbit Chain, and USD Coin.

Orbit Chain’s Uncertainty Regarding the Hack

The reason behind the hacker’s return from dormancy remains uncertain. However, the timing coincides with the protocol’s recent move to restart certain bridging services after the exploit.

 In an announcement post on the Telegram channel, the company said:

“Our team is currently working closely with relevant authorities to swiftly track the stolen assets and take necessary measures accordingly.”

Orbit Chain has not provided a definitive explanation for the hack. However, it said the incident “…did not result from a vulnerability in the Orbit Bridge smart contract or the theft of a validator key.” In a blog post, the firm pointed out that actions carried out by the protocol’s former chief information security officer could potentially explain the attack. Moreover, the protocol said it is currently taking the necessary civil and criminal measures.

Read More

Disclaimer: Cryptocurrency is a high-risk asset class. This article is provided for informational purposes and does not constitute investment advice. You could lose all of your capital.

Buy Cryptos on eToro banner