Tuesday, August 16, 2022

Harmony falls As Hackers Drain About $100 MIL From Its Crypto Bridge

The Takeaway:

Hackers have stolen $100 million from Harmony’s Horizon Bridge, enabling users to move their cryptocurrency assets from one blockchain to another by taking advantage of a flaw.

The Horizon bridge, which allows users to transfer cryptocurrency between Ethereum, Binance Smart Chain, and Harmony, was breached, according to the Harmony ONE (1) team, on the morning of June 24.

Harmony explained that the Horizon bridge had been shut down to block additional transactions. The bridge for bitcoin on Harmony was unaffected.

A “malicious attack” on Harmony’s proprietary Horizon blockchain bridge was discovered on Thursday, the American cryptocurrency start-up that created Horizon reported in a blog post on Friday. 

Cross-chain bridges, sometimes called blockchain bridges, allow users to transmit assets from one chain to another while facilitating communication across various blockchains. Users can transfer assets between the Ethereum, Binance Smart Chain, and Harmony blockchains using Harmony’s Horizon bridge, including tokens, stablecoins, and NFTs.

Nearly $100 million in cryptocurrencies were stolen from Harmony’s blockchain bridge, according to the business, which identified the attacker in a tweet.

According to Harmony’s blog post, the FBI, several cybersecurity partners, exchange partners, and others were contacted immediately after the assault and asked to help with an investigation aimed at locating the perpetrator and recovering stolen property. The blog post stated,

 “Further, the team has attempted communication with the hacker by embedding a note in a transaction to the culprit’s address.”

“This incident is a humbling and unfortunate reminder of how our work is paramount to the future of this space and how much of our work remains ahead of us,” the blog post said. “Ongoing investigations present a challenge of what information is allowed to be shared with the public, but we will continue to provide updates with the latest information as soon as we can share.” Says Harmony in its blog

Elliptic, a blockchain analytics company, claims that crypto assets worth $99.7 million were stolen from the Ethereum and Binance Smart Chain blockchains. According to Elliptic, the stolen assets include several Stablecoins created to maintain a US dollar peg and the native tokens of the two blockchains.

Harmony has remained silent and did not specify how the money was taken. But as early as April, one investor going by the name of Ape Dev expressed doubts about the security of the Horizon bridge. 

The researcher cautioned on Twitter that a multisignature wallet, often known as a “multi-sig,” that only needed two signatures to start transactions was crucial to the security of the Horizon bridge. For added security on transactions, multi-sig wallets demand the agreement of many participants.

Based on a note found within an Ethereum transaction readout, Elliptic claims that the Harmony team appears willing to speak with the entity responsible for the crime.

“The Harmony team is interested in communicating and negotiating. Please reach out at security@harmony.one to start a conversation. Communication can be anonymous.”

Disclaimer: The article reflects the opinions of the author and is not representative of Chaintimes’ views.
The article does not offer any investment advice. User discretion is advised when investing in or trading with cryptocurrency. Extensive and diligent research should be carried out by the reader before making a decision.

Hussain Sabunwala
Hussain Sabunwala
Hussain Sabunwala is a student at Symbiosis Institute of Technology. He is interested in how the internet works, Blockchain, and he is much more inclined to working in the field of Electronics. Writing helps him learn more about the different fields out there and how and why they work the way they do. He is always free to talk in length about many such topics and he is a bag of obscure facts collected and preserved in his many years in this planet.

Leave A Reply

Please enter your comment!
Please enter your name here