Orbit Chain Hacker Moves $47.7 Million to Tornado Cash

As a researcher with extensive experience in blockchain forensics and cryptocurrency security breaches, I find the recent activity of the Orbit Chain hacker both intriguing and concerning. The resurfacing of this malicious actor after five months of inactivity, moving nearly half of the stolen $100 million to Tornado Cash, highlights the complexities and challenges involved in tracking down and recovering funds from such attacks.

The individual responsible for the $82 million heist on Orbit Chain during New Year’s Eve has reemerged, shifting $47.7 million of the stolen funds to the cryptocurrency mixing service Tornado Cash following a five-month absence.

As an analyst, I’ve uncovered some intriguing transaction activity on the Ethereum blockchain. On June 8, a total of 12,932 Ether, equivalent to approximately $47.7 million, was transferred in seven distinct transactions. The destination for these funds was a newly generated address. Subsequent analysis by blockchain intelligence firm Arkham Intelligence revealed that this address then forwarded the Ether to Tornado Cash.

The preliminary estimates suggested that the exploit resulted in a loss of around $82 million, but more current information from Arkham indicates that the damage could be approaching $100 million.

I brought to light in a June 8 post on X that five months prior, an unknown group managed to make off with more than $100 million in ETH and DAI from Orbit Chain. Since then, they have remained conspicuously quiet.

A notorious hacker, the Orbit Chain Exploiter, has recently transferred $32 million worth of Ethereum (8671 ETH) to a new wallet address. They are now attempting to conceal this transaction by sending the funds to the privacy service Tornado Cash. Previously, they had been quiet for five months after orchestrating a heist worth over $100 million in both Ethereum and DAI.— Arkham (@ArkhamIntel) June 8, 2024

As a crypto investor closely monitoring the recent $47.7 million Ether transaction, I’ve noticed that most of these transactions were executed in bundles of 100 ETH based on Etherscan data. However, it is intriguing that the hacker has not moved or initiated any transactions related to the stolen $20 million in Dai (DAI) or other assets taken from the cross-chain bridge yet.

After completing these financial exchanges, I, as an analyst, find that the hacker’s account holds a significant balance of approximately $71.2 million. Among this total, there are large sums of Ether, amounting to around $51.1 million, and smaller quantities of other digital assets such as wrapped Bitcoin (wBTC), wrapped Ethereum (wETH), Orbit Chain (ORC), and USD Coin (USDC).

In the final moments of 2023, around 8:52 pm UTC on December 31st, a security incident, or “breach,” transpired. Orbit Chain identified this exploit on New Year’s Day and subsequently revealed their intent to work alongside international law enforcement bodies.

On January 11, Orbit Chain’s X account declared a reward of up to $8 million for anyone who supplies crucial information that helps identify the hacker responsible or recovers the stolen assets.

Read More

2024-06-10 09:40