Bridge Incident Registry
Incident case

Orbit Bridge 2024 Ethereum vault exploit

On January 1, 2024, an unidentified attacker removed approximately $81.5 million in ETH, WBTC, USDT, USDC, and DAI from the Orbit Bridge Ethereum vault. The Ethereum vault was shut down, and later recovery and partial service-resumption plans remained incomplete.

reviewedcurrent

Incident facts

Incident title
Orbit Bridge 2024 Ethereum vault exploit
Bridge
Orbit Bridge
Incident date
2024-01-01
Incident type
Exploit
Major incident
Yes
Affected chains
Orbit Chain, Ethereum
Affected assets
ETH, WBTC, USDT, USDC, DAI
Attack category
Unknown
Reported loss
$81.5 million
Recovery
Unknown
Reimbursement
In Progress
Restart
Partially Reopened
Current outcome
Limited After Incident
Resolution
Unresolved
Last reviewed
2026-06-14
Last verified
2026-06-14

Timeline events

  • Orbit Bridge Ethereum vault exploit disclosed2024-01-01

    Orbit Chain reported that an unidentified attacker removed five asset types from the Ethereum vault and that the vault was shut down shortly after detection.

    Exploit DisclosedHigh

  • Asset recovery and ecosystem normalization plan announced2024-02-14

    Ozys published a draft recovery plan combining company resources, partner support, long-term support assets, and future business proceeds while acknowledging that immediate full recovery from its own resources was limited.

    Recovery Plan AnnouncedHigh

  • XRP bridge functionality resumed after security inspection2024-09-06

    Orbit Chain later reported that XRP bridge functionality had resumed after security inspection, while Ethereum-based asset migration and recovery-related work remained outstanding.

    Partial Service ResumptionHigh

Evidence records

Known unknowns