Ozys Blames Former CISO for $81.5M Orbit Bridge Exploit
- Ozys has blamed its former CISO for a recent exploit on Orbit Bridge.
- The bridge was exploited for $81.5 million on January 1.
- The company said it was pursuing civil and criminal proceedings against the former employee.
On Thursday, South Korean blockchain technology company Ozys said its former chief information security officer (CISO) might be connected to the recent $81.5 million exploit on Orbit Bridge .
The company’s Orbit Bridge Ethereum Vault was attacked six times on January 1, leading to the theft of 231 wBTC, 9,500 Ether, 30 million USDT, 10 million DAI, and 10 million USDC . The attacker swapped the funds into ETH and DAI and sent them to eight addresses, where they have been stored without movement to date.
Ozys Employee “Weakened Firewall” Before the Attack
According to a blog post published on January 25, the January 1 attack was not caused by a vulnerability on the Orbit Bridge smart contract or “theft of validator keys” as initially thought.
While multiple agency investigations are ongoing, the company said it had stumbled upon a crucial lead to the attacker, who might be its former employee.
“While reviewing the existing firewall policy with a maintenance company for the design of a new security network, on November 22, 2023, Mr. A, who was serving as the Chief Information Security Officer of Ozzys, arbitrarily deleted the main firewall in the company,” Ozys CEO Jinhan Choi wrote.The statement described Mr. A as an information security expert “who oversaw the work to acquire Ozis ISMS certification.” Mr. A allegedly “made the firewall vulnerable” two days after deciding on voluntary retirement. The attack happened less than a month later.
After the development, Ozys said it is pursuing civil and criminal proceedings against the employee. Per a local media outlet, the company further submitted a petition requesting the police to investigate Mr. A’s possible involvement with the hack.
Read about the biggest crypto hacks of 2023:
Biggest Crypto Hacks of 2023 Resulted in Over 70% of Losses
Stay updated on how to prevent a SIM swap attack:
How to Prevent a SIM Swap Attack as SEC Falls Prey
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.