Just before New Year’s Eve, Orbit Bridge, the primary bridge for the Claytont ecosystem, fell victim to an exploitation resulting in losses of nearly $82 million. South Korean authorities from multiple agencies are actively investigating this substantial hack.
Accusations have surfaced, pointing to North Korea’s hacking group, ‘Lazarus,’ as the likely orchestrator behind the exploit. In response to these allegations, various units of the South Korean National Intelligence Service (NIS) have stepped in to conduct a thorough investigation.
Orbit Bridge was a crucial component utilized by prominent Korean platforms, including Kakao’s blockchain platform Claytont and WEMIX, a blockchain project developed by WEMADE. The ongoing investigation aims to uncover the details surrounding the breach and its potential implications for these major domestic platforms.
Intelligence Agencies Investigate the Exploit
The participation of the National Intelligence Service (NIS) in identifying the perpetrator of the attack marks an unusual level of engagement in a blockchain-related virtual asset theft. OZYS, the operating company of Orbit Bridge, promptly reported the incident of asset misappropriation to the Korea Internet & Security Agency (KISA) and the National Police Agency on January 1st. This reporting aligns with mandatory obligations under the Information and Communication Network Act.
In response to the ongoing investigation, the NIS issued a statement, saying, “We are currently investigating the cause and the perpetrator of the incident. While no direct link to North Korea has been confirmed so far, we are collaborating with relevant agencies and considering the possibility,” as reported by local news media. The comprehensive involvement of national intelligence services highlights the seriousness with which authorities are treating the incident and their efforts to determine the responsible parties.
NIS Involvement in Investigation Deemed Unusual
The incident follows a recurring pattern in the cryptocurrency space, where cybercrime incidents often involve the Cyber Investigation Division of the National Police Agency and the Korea Internet & Security Agency (KISA). However, the notable inclusion of the National Intelligence Service (NIS) in this particular case is considered exceptional.
OZYS, the operator of Orbit Bridge, has actively collaborated with the ongoing investigation. They promptly reported the incident to authorities and sought assistance from global blockchain analysis firms such as UPsala Security and the TON Foundation.
The repercussions of this incident extend beyond the Claytont decentralized finance (DeFi) sector, impacting the broader ecosystem. OZYS looks forward to support from Claytont in resolving the crisis and assisting affected parties. Further details regarding their joint response with Claytont to address the incident are expected to be released in due course.