Ex-Orbit Bridge employee suspected of facilitating $80 million attack, the investigation shows.
The South Korean company Ozys, behind developing the cross-chain bridge Orbit Bridge, has accused its former employee of facilitating a recent attack on the protocol.
According to the blog, based on the preliminary investigation, the CISO weakened the internal firewall settings on Nov. 22, 2023. Two days earlier, this employee submitted a resignation letter of his own free will.
On Dec. 6, 2023, he left his position but should have warned the company about changes made to security settings. Ozys did not disclose the name of the former employee.
According to local media reports, the company contacted the police with a request to verify this information and also filed a claim for damages against the ex-colleague.
“The police are expected first to investigate whether Mr. A allowed unidentified hacking forces to infiltrate by arbitrarily changing the security policy and the possibility of contact with a hacker group.”
The Ozys team, with the security company Theori, the National Intelligence Service, the police, and the local Internet and Security Agency, is investigating the incident. In particular, the involvement of North Korean hackers from the Lazarus Group is being verified.
The company promised to notify users about the fund’s recovery plan and the timing of its implementation.
At the beginning of the year, the Orbit Bridge cross-chain bridge suffered a hacker attack. The attackers withdrew crypto assets worth more than $80 million. The developers of Orbit Chain turned to large crypto exchanges with a request to freeze the stolen crypto assets.