The Cross-Chain Interaction protocol was attacked again, and Orbit Chain lost up to $81.5 million

Author | Husband how

At the beginning of the new year, Hacker came out again to “make waves”. According to Beosin’s EagleEye, the Orbit Chain Cross-Chain Interaction Bridge was attacked by Hacker, causing losses of up to $81.5 million.

Judging by the hacking behavior, all this seems premeditated. According to Beosin Trace analysis, the Hacker tried to launch a small-scale attack based on the vulnerability as early as 1 day ago (December 31), and used the stolen ETH as the source of transfer fees for the remaining 5 addresses of this attack.

In the early hours of this morning, the Hacker officially launched the attack and transferred the stolen funds to the five Addresses mentioned above. In five separate transactions, each sent to a new Wallet, Orbit Bridge sent $50 million in Stable Coins (30 million USDT, 10 million DAI, and 10 million USDC), 231 wBTC (about $10 million), and 9,500 ETH (about $21.5 million).

Although attacks on Cross-Chain Interaction occur from time to time, the types of attacks are not complex. For example, recently, Heco Bridge was attacked by a private key leak, with a loss of up to $86.6 million; Multichain was also a private key leak attack, with losses of up to $242 million, affecting the development of multiple projects at the same time, and de-anchoring asset prices on Fantom.

What is the reason for the theft of Orbit Chain? Security agency Slowfog believes that this attack may be an attack caused by a Cross-Chain Interaction contract vulnerability or an intrusion of the project’s centralized server, and the former may be more acceptable to the public. "No one is perfect, no program is indestructible, but a compromise on a centralized server could trigger more ripple effects. ”

After the attack, the Orbit Chain Token ORC fell by more than 18%, and the prices of a number of packaged assets Cross-Chain Interaction to the Klaytn network through the Orbit Bridge fell, among which OETH, OBNB, OXRP have all fallen by more than 20%.

Remind users that since the cause of the theft of the Orbit Chain Cross-Chain Interaction Bridge has not yet been clarified, it is not sure whether the Hacker has a next step, please revoke the relevant Wallet approval as soon as possible. As a capital-intensive area, Cross-Chain Interaction bridges often attract the attention of Hacker, and as users, try to do the following three things:

When an accident occurs, revoke the contract authorization of the Cross-Chain Interaction bridge as soon as possible to prevent further risk contagion, which can be revoked through the approval checker in the browser of the Blockchain, and it is recommended that you regularly review and clean up some useless contract authorizations, Hackers often withdraw assets multiple times through vulnerabilities in smart contracts.

Users with frequent cross-chain interaction needs to pay close attention to the relevant information of the cross-chain interaction bridge, such as the risk reminder of the security company’s warning, the upgrade of the official notice, etc., to understand and prepare for the response as soon as possible.

As a participant of the Cross-Chain Interaction LP, in the face of such incidents, it is necessary to actively communicate with the project party, and the locked assets should be recorded and waiting for the aftermath to be resolved.

At present, Orbit Chain has suspended the Cross-Chain Interaction contract and communicated with Hacker, and plans to issue compensation to users to compensate for the loss of assets, the specific amount of compensation has not been disclosed.