Orbit Bridge operator Ozys said an unknown attacker stole about $81.5 million from the Ethereum vault in six transactions on Jan. 1, 2024, taking ETH, WBTC, USDT, USDC, and DAI before swapping assets into ETH and DAI across eight wallets. The company said Theori, Korean police, KISA, and NIS were involved in the response, and that multiple tips suggested similarities to Lazarus tradecraft, but the root cause was still under investigation. Ozys stated the exploit was not caused by a smart contract flaw or validator key theft and separately disclosed that a former CISO had changed key firewall policies weeks before the incident.