In a significant development, the hacker behind the $82 million Orbit Chain exploit has resurfaced after five months of inactivity, transferring a substantial portion of the stolen funds to the cryptocurrency privacy mixer Tornado Cash. This move has reignited concerns and discussions within the cryptocurrency community about the effectiveness of privacy tools in aiding illicit activities.
The Recent Movement of Funds
On June 8, blockchain analytics firm Arkham Intelligence reported that the exploiter moved a total of 12,932 Ether (ETH), valued at approximately $47.7 million, across seven separate transactions to a new address. These funds were subsequently sent to Tornado Cash, a platform known for its ability to obfuscate the origins of cryptocurrency transactions.
Arkham Intelligence, which was among the first to identify this transfer, noted in a post on X:
“They stole over $100M in ETH and DAI from Orbit Chain 5 months ago and have been silent since.”
| Date | Action | Details |
|---|---|---|
| June 8, 2024 | Movement of Funds | 12,932 ETH ($47.7 million) transferred to Tornado Cash |
| Initial Theft | $100 million stolen from Orbit Chain | ETH and DAI were the primary assets stolen |
| Detection | Reported by Arkham Intelligence | Arkham was among the first to spot the activity |
While initial reports estimated the losses from the Orbit Chain hack at $82 million, Arkham’s recent analysis suggests the actual figure is closer to $100 million. This discrepancy highlights the ongoing challenges in accurately assessing the full impact of such cyberattacks.
Despite the recent movement of Ethereum, the hacker has not yet transferred the $20 million in Dai (DAI) or any other assets stolen during the exploit. The hacker’s current holdings include $71.2 million in various cryptocurrencies, with $51.1 million in Ether and smaller amounts in wrapped Bitcoin (wBTC), wrapped Ether (wETH), Orbit Chain (ORC), and USD Coin (USDC).
| Asset | Amount | Value |
|---|---|---|
| Ether (ETH) | 51.1 million USD | 51.1 million USD |
| Dai (DAI) | 20 million USD | 20 million USD |
| Other Cryptos | Small amounts of wBTC, wETH, ORC, USDC | Remaining assets include various tokens |
The Timeline of the Hack
The attack on Orbit Chain occurred on December 31, 2023, just before the New Year, around 8:52 pm UTC. The exploit was confirmed by Orbit Chain the next day, and the project quickly began collaborating with international law enforcement agencies to track down the perpetrator and recover the stolen assets.
On January 11, Orbit Chain announced a bounty for information leading to the hacker’s identification or the recovery of the stolen funds. The bounty offered was up to $8 million, reflecting the severity and impact of the breach.
| Event | Date | Details |
|---|---|---|
| Hack Occurred | December 31, 2023 | $100 million stolen in ETH and DAI |
| Confirmation | January 1, 2024 | Orbit Chain confirmed the exploit |
| Bounty Offered | January 11, 2024 | Up to $8 million for decisive intelligence |
The hack had a significant impact on Orbit Chain’s ecosystem. Before the attack, the protocol had nearly $149.25 million in total value locked (TVL). This figure has since plummeted by over 75%, with the current TVL standing at approximately $37 million, according to DefiLlama. At its peak in August 2022, the protocol boasted $313 million in TVL, underscoring the dramatic effect the hack has had on its financial health and user confidence.
| Metric | Value Before Hack | Current Value |
|---|---|---|
| Total Value Locked (TVL) | $149.25 million (Dec. 2023) | $37 million (current) |
| Peak TVL | $313 million (August 2022) | N/A |
The Role of Tornado Cash
Tornado Cash has been a focal point in discussions about cryptocurrency privacy and security. The platform allows users to mix their transactions with others, making it difficult to trace the original sources of funds. This feature, while valuable for privacy-conscious users, has also made it a tool for those looking to launder stolen cryptocurrencies.
In the case of the Orbit Chain hack, the use of Tornado Cash has complicated efforts to track and recover the stolen funds. The ETH was sent through Tornado Cash in batches of 100 ETH, a method designed to further obscure the trail.
| Platform | Function | Use in Hack |
|---|---|---|
| Tornado Cash | Cryptocurrency mixer | Used to obscure $47.7 million in ETH |
| Transaction Method | Batches of 100 ETH | Strategy to obfuscate fund origins |
The Orbit Chain exploit is part of a broader trend of increasing cryptocurrency hacks. In the first quarter of 2024 alone, hackers stole $542.7 million worth of cryptocurrencies, marking a 42% increase compared to the same period in 2023. Interestingly, while overall thefts have risen, the amount stolen from smart contract hacks has significantly decreased — from a staggering $2.6 billion in 2022 to $179 million in 2023.
| Year | Total Crypto Stolen | Smart Contract Hacks |
|---|---|---|
| 2022 | $2.6 billion (smart contracts) | $2.6 billion |
| 2023 | $179 million (smart contracts) | $179 million |
| Q1 2024 | $542.7 million (overall) | N/A |
The recent movement of funds by the Orbit Chain hacker underscores the ongoing challenges in securing and recovering stolen assets within the cryptocurrency space. As the industry continues to grow, the balance between enabling user privacy and preventing illicit activities remains a critical issue. The use of privacy mixers like Tornado Cash highlights the need for robust security measures and regulatory frameworks to protect the integrity of blockchain networks.
Featured image credit: Christoph Scholz via Flickr