Ozys, a South Korean blockchain technology company, claimed in a blog post on Thursday that its former chief information security officer had arbitrarily compromised the company firewall before the security breach.
Ozys suffered an $81.5 million hack on its cross-chain protocol, orbit Bridge. Ozys did not reveal the name of the former employee.
The company has filed a lawsuit against its former CISO for damages and has asked the local police to investigate the former employee’s possible involvement with the hack, according to a South Korean news agency.
Two days after the employee requested a voluntary resignation, on November 22, Ozys argues that the former security chief made significant modifications to the internal firewall.
On December 6, they allegedly left the company without forewarning the company about changes made to the security settings. Ozys discovered this on January 10.
An “unidentified access” to Orbit Bridge on January 1 transferred $50 million in stablecoins (30 million USDT, 10 million DAI, and 10 million USDC), 231 wBTC (roughly $10 million), and 9,500 ether (roughly $21.5 million) in six transactions to eight new wallets.
Ozys said in the blog post that it has notified the National Intelligence Service and is looking into the possible involvement of the hacking group Lazarus, supported by North Korea, in the attack. The company is collaborating with cybersecurity firm Theori, Korean police, and the Korea Internet & Security Agency.
Choi Jin-han, CEO of Ozys, said in the announcement, “We will mobilize all resources, no matter how long it takes, to track down the attacker, and ultimately work to the end to freeze and recover the seized assets.”
Additionally, he said that the company will notify customers when a recovery plan becomes available.
