Orbit Chain, a cross-chain platform, announced in an X message on Jan. 1 that it suffered an attack on the previous day.

The project wrote that it confirmed “unidentified access” to its bridge platform late on Dec. 31. Orbit Chain said it is engaging with international law enforcement. It said it is working with the security firm Theoria to find the root cause.

Hours later, Orbit Chain provided specific details of the attack. It said that an attacker used Tornado Cash to supply initial ETH for the attack, then used several wallet addresses to receive the stolen cryptocurrency. It identified various transaction IDs that attacked Orbit Bridge’s Ethereum Vault. However, it continued to describe the main attack route as “unidentified.”

Orbit Chain has not stated whether users are affected or announced recovery plans. The project warned that any reimbursement offers are scams.

Orbit Chain additionally stated that it is working with crypto exchanges to freeze assets and has attempted to contact the attacker.

Theft estimated at $81M

Though Orbit Chain did not state how much was stolen during the attack, the security firm PeckShield estimated the attack’s value at $81.5 million. It noted that this amount comprises $30 million USDT, $10 million USDC, $10 million DAI, 230.879 WBTC ($10 million), and 9,500 ETH ($22 million).

PeckShield provided a chart suggesting that the attacker used the decentralized exchange Uniswap to swap certain funds for ETH.

Metamask lead product manager Taylor Monahan also commented on the hack. She called the incident “methodical” based on the pattern of attack.

Monahan said the hack could be one of the many this year that leads to “handing [North Korea] billions of dollars on a silver platter.” She identified a security certificate that links Orbit Bridge’s owner, Oyzs, to Korea through the country’s K-ISMS certification. U.S. authorities have previously tied other cryptocurrency attacks involving Tornado Cash to North Korean hacking groups, including attacks on Ronin Bridge and Horizon Bridge in 2022.

Monahan added that Orbit Bridge shares a creator with KlaySwap and Belt Finance, which were hacked for $2 million in 2022 and $6 million in 2021. All three projects are associated with the Klaytn blockchain ecosystem.

Orbit confirmed on Jan. 2 that the stolen assets had yet to be moved from the attacker’s address.