Orbit Chain Bridge
Summary
Orbit Bridge is the cross-chain bridging protocol of Orbit Chain, developed by South Korean blockchain company Ozys. On December 31, 2023, attackers compromised seven of ten multisig private keys and drained approximately $81.5 million in ETH, WBTC, USDT, USDC, and DAI from the Ethereum vault in the largest crypto hack of New Year's Eve 2023. The attack has been attributed with medium-to-high confidence to North Korea's Lazarus Group, with an additional alleged insider-threat dimension involving Ozys' former chief information security officer, who allegedly sabotaged the company firewall weeks before the exploit.
Timeline (11 events)
2018-01-01
Orbit Chain launched by Ozys as a cross-chain bridging protocol supporting multiple public blockchains.
2023-11-20
Ozys' former Chief Information Security Officer submits a voluntary resignation request.
2023-11-22
The former CISO allegedly makes unauthorized changes to Ozys' internal firewall policies without notifying the company, according to Ozys' later allegations.
2023-12-06
The former CISO departs Ozys without disclosing firewall changes or providing handover documentation.
2023-12-31
At approximately 20:52 UTC, an attacker pre-funds an intermediary wallet with 10 ETH sourced from Tornado Cash and begins executing the Orbit Bridge exploit.
2024-01-01
Six transactions drain approximately $81.5 million (ETH, WBTC, USDT, USDC, DAI) from the Orbit Bridge Ethereum vault between 05:52–06:25 KST. Development team notified at 07:05 KST; vault shut down at 07:21 KST.
2024-01-01
Seoul Metropolitan Police notified at 10:00 KST. KISA notified at 10:35 KST. Security firm Theori engaged for joint investigation.
2024-01-10
Investigators discover that the former CISO had arbitrarily changed firewall policies on November 22, 2023. Ozys notifies South Korea's National Intelligence Service; NIS opens a formal investigation.
2024-01-11
Orbit Chain announces an $8 million USD public bounty for intelligence leading to attacker identification or fund recovery.
2024-01-25
Ozys publicly alleges that its former CISO sabotaged the firewall and files a civil lawsuit and a criminal complaint against the former employee.
2024-06-08
After approximately five months of dormancy, the exploiter moves 12,932 ETH (approximately $47.7 million) through Tornado Cash across seven transactions.
Decision Log
- hash: FdTqLXtouqegg68FnVfHfZeTAGLcSyy2kSJX3PQhiSxG
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 5/30/2026, 6:33:12 PM
last updated: 5/30/2026, 6:33:15 PM
avoid.net — verified advice for a post-truth world