Orbit Bridge Hacker Suspected in Coinspaid and Coinex Breaches

By CryptoNews - 4 months ago - Reading time: 3 minutes


Source: AdobeStock / Tamara

Blockchain analysts from Match Systems have found that the Orbit Chain hackers used the same tactics as those in several other high-profile attacks, suggesting that a cybercrime organization, possibly the infamous Lazarus Group, stands behind these hacks.

This criminal group seems to have been busy last year. Cointelegraph cited a January 3, 2024, report by Match Systems, naming Coinspaid, CoinEx, and Atomic Wallet among the group’s victims.

According to the report,

“[The analysis] gives reason to believe that the same criminal group may be involved in the hacking of the Orbit bridge, which in 2023 had previously committed several large hacks of the cryptocurrency services Atomic wallet, CoinsPaid, CoinEx, etc., using tools and patterns of the well-known Lazarus group.”

As the new year approached, hackers exploited Orbit Bridge, the cross-chain bridging service of the South Korea-based multi-asset Orbit Chain, making off with $82 million.

Common Threads


The analysts found that the hackers used Tornado Cash. Their gas funds came from other accounts that had withdrawn them from the popular crypto mixer.

A mixer ‘mixes’ different funds in order to obscure the trail leading back to the original sources. Hackers therefore use it to blend their identifiable funds with other users’ funds.

That said, Match Systems reportedly ‘de-mixed’ the funds using specialized software. It analyzed the “characteristics and patterns before and after the Tornado.cash mixer, considering transaction volumes and dates/times, as well as other specialized methods.”
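To illustrate the kind of volume-and-timing correlation the report describes, here is an added example that is not from the article or from Match Systems. The heuristic, addresses, thresholds and sample records are all constructed assumptions; it relies only on the fact that Tornado Cash pools accept fixed denominations, so an address's set of notes acts as a volume fingerprint.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

def ts(s):
    return datetime.strptime(s, "%Y-%m-%d %H:%M")

# Constructed sample data, not real chain records: (time, address, pool denomination in ETH)
DEPOSITS = [
    (ts("2024-01-01 21:10"), "dep_A", 100), (ts("2024-01-01 21:14"), "dep_A", 100),
    (ts("2024-01-01 21:20"), "dep_A", 10),
    (ts("2024-01-01 22:00"), "dep_B", 1),
    (ts("2024-01-02 03:00"), "dep_C", 10), (ts("2024-01-02 03:05"), "dep_C", 10),
]
WITHDRAWALS = [
    (ts("2024-01-02 09:30"), "wd_X", 100), (ts("2024-01-02 09:41"), "wd_X", 10),
    (ts("2024-01-02 10:02"), "wd_X", 100),
    (ts("2024-01-02 11:00"), "wd_Y", 1),
    (ts("2024-01-09 08:00"), "wd_Z", 10), (ts("2024-01-09 08:10"), "wd_Z", 10),
]

def profiles(events):
    """Group events per address: denomination multiset plus first and last timestamp."""
    out = defaultdict(lambda: {"notes": Counter(), "first": None, "last": None})
    for when, addr, denom in events:
        p = out[addr]
        p["notes"][denom] += 1
        p["first"] = when if p["first"] is None else min(p["first"], when)
        p["last"] = when if p["last"] is None else max(p["last"], when)
    return out

def candidate_links(deposits, withdrawals, max_gap=timedelta(days=3), min_notes=2):
    """Pair a depositor with a withdrawer when volumes match and timing is plausible."""
    deps, wds = profiles(deposits), profiles(withdrawals)
    matches = defaultdict(list)
    for d_addr, d in deps.items():
        if sum(d["notes"].values()) < min_notes:
            continue  # a single fixed-size note is shared by too many users to mean anything
        for w_addr, w in wds.items():
            gap = w["first"] - d["last"]
            if d["notes"] == w["notes"] and timedelta(0) < gap <= max_gap:
                matches[d_addr].append(w_addr)
    # Keep only unambiguous pairs; several candidates for one depositor prove nothing.
    unique = {d: ws[0] for d, ws in matches.items() if len(ws) == 1}
    taken = Counter(unique.values())
    return {d: w for d, w in unique.items() if taken[w] == 1}

if __name__ == "__main__":
    print(candidate_links(DEPOSITS, WITHDRAWALS))
```

A pair returned here is only a lead for further tracing: widening `max_gap` or lowering `min_notes` adds candidates and false positives alike.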

What the team discovered was a group of addresses. One of them used the SWFT protocol to transfer funds to other addresses. The protocol was also used in the DFX Finance, Deribit, and AscendEX attacks.

Following the Orbit attack, a portion of the funds sent through SWFT traveled through a number of chains, gathering in a Tron wallet. It was then transferred to an exchange and cashed out.

Another common factor, the analysts argue, is that the attackers used Avalanche Bridge and Sinbad in the Orbit attack and several earlier attacks.

Per the team,

“[These are] tools and patterns of the well-known Lazarus group.”


Lazarus was Responsible for a Fifth of Total Losses in 2023


The North Korea-affiliated hacker group Lazarus was responsible for $308.6 million stolen in 2023, the major bug bounty and security services platform Immunefi found. This is a whopping 17% of the year's total losses.

The group was allegedly behind the high-profile attacks on Atomic Wallet, CoinEx, Alphapo, Stake, and CoinsPaid, and the massive Ronin Network attack, resulting in a $625 million loss.

Source: Immunefi

The Immunefi team recently published a report focusing specifically on the Lazarus Group. It found that, between 2021 and 2023, the group stole $1,903,600,000 across the Web3 ecosystem.

In December, Immunefi CEO Mitchell Amador commented that,

“As we approach 2024, their escalating sophistication is concerning. Their proficiency in exploiting infrastructure vulnerabilities, smart contract weaknesses, as well as their meticulous social engineering operations, underscores their emergence as perhaps the most pressing threat to web3 today.”
