Orbit Bridge team accuses its former employee of facilitating the $81,5 million hack
The company alleges that the manager arbitrarily loosened security settings on the eve of his termination
25.01.2024 - 15:07
157
2 min
0
What’s new? South Korean company Ozys has accused its former chief information security officer of facilitating the hacking of its Orbit Bridge cross-chain protocol. Damages from the January 1 incident exceeded $81,5 million. Ozys said following an internal investigation that the ex-employee, whose name was not disclosed, arbitrarily weakened internal firewall settings on November 22. At the same time, two days earlier he had written a resignation letter of his own accord.
What else is known? Ozys added that the employee left the company on December 6 without notifying his colleagues about the changes made to the security settings. They were only discovered on January 10, already after the hack.
The company filed a lawsuit against the former employee for damages and also asked the police to investigate his possible involvement in the hack.
At the same time, Ozys admits that the hack was carried out by the North Korean hacker group Lazarus. This version is being investigated by the company in cooperation with the National Intelligence Service, the Internet and Security Agency, the police, and the private auditing firm Theori.
Ozys CEO Choi Jin-han said the company is mobilizing all resources to track down the attacker and recover assets, “no matter how long it takes.” The company also pledged to provide users with a compensation plan at a later date.
Chainalysis analysts reported that DPRK hackers, including Lazarus, carried out a record number of attacks on crypto projects in 2023, stealing over $1 billion.
In April this year, decentralized exchange Merlin lost $2 million in a hack. As it later turned out, members of the project’s technical team were involved: they manipulated contracts in the platform’s interface to gain access to pools.
Currently, the largest incident in the history of the crypto industry is the hack of the Ronin sidechain of the Axie Infinity game, carried out by Lazarus. As reported by the media, the theft of $625 million on March 23, 2022, was caused by the carelessness of one of the developers who opened a file with disguised malware.
Useful material?
Incidents
The company conducted fictitious trading for six years to inflate the trading volume of tokens of several companies, receiving payment for these services
Nov 1, 2024
Market
1,5 million addresses have already left applications
Oct 31, 2024
Business
The company began investing in bitcoin in 2020, and since then, the value of its securities has risen by 1700%
Oct 30, 2024
Mining
The Deputy Energy Minister explained that in deficit regions, it is impossible to allocate large capacities for industry enterprises until 2030
Oct 30, 2024
Market
Customers will also be able to withdraw funds to bank accounts using cards
Oct 30, 2024
Mining
Blockware noted increased investor interest in this type of asset due to inflation concerns
Oct 29, 2024