South Korean Authorities Probe $82M Orbit Bridge Cybersecurity Breach Amid Suspicions of Lazarus Group’s Participation

South Korean authorities are currently investigating a significant hack that targeted Orbit Bridge, the primary bridge supporting the Claytont ecosystem, resulting in a theft of approximately $82 million just hours before the start of the new year. Multiple South Korean agencies are collaborating on the investigation.

There are suspicions pointing towards the involvement of the North Korean hacking group known as ‘Lazarus,’ prompting the South Korean National Intelligence Service (NIS) to intervene and conduct a thorough inquiry. Orbit Bridge, a critical component for major Korean domestic platforms like Kakao’s Claytont blockchain and WEMIX, a blockchain project by WEMADE, fell victim to the exploit.

The NIS’s participation in identifying the perpetrator showcases an uncommon level of engagement for a virtual asset theft related to blockchain. The operating company of Orbit Bridge, OZYS, promptly reported the incident of asset misappropriation to the Korea Internet & Security Agency (KISA) and the National Police Agency on January 1st, adhering to mandatory reporting obligations under the Information and Communication Network Act.

Regarding the ongoing investigation, the NIS stated, “We are currently investigating the cause and the perpetrator of the incident. While no direct link to North Korea has been confirmed so far, we are collaborating with relevant agencies and considering the possibility,” as reported by local news media.

This incident aligns with the cryptocurrency space’s trend, where cybercrimes often lead to the involvement of agencies like the Cyber Investigation Division of the National Police Agency and KISA. However, the inclusion of the NIS in this case is considered unusual.

OZYS has actively cooperated with the investigation, promptly notifying authorities and seeking assistance from global blockchain analysis firms such as UPsala Security and the TON Foundation.

As the repercussions of this incident extend beyond the Claytont decentralized finance (DeFi) sector, OZYS is expecting support from Claytont to address the crisis and assist affected parties. Further details on the joint response from OZYS and Claytont in handling the incident will be released in due course.