Harmony Heist: US$100 Million Stolen In Crypto Bridge Hack That Exposed System Vulnerability

In the latest hack within the crypto world, start-up blockchain Harmony reported a theft amounting to US$100 million. The hack on its Etheruem-based cryptocurrency bridge Horizon was discovered on Thursday, revealing a vulnerability in the digital asset ecosystem.

“On Thursday, June 23, 2022, the Harmony Protocol team was notified of a malicious attack on our proprietary Horizon Ethereum Bridge,” the company said in its blog. “At 5:30 AM PST, multiple transactions occurred that compromised the bridge with 11 transactions that extracted tokens stored in the bridge.”

The company said it immediately notified the national authorities and forensic specialists, which led to pinpointing the culprit’s address: 0x0d043128146654c7683fbf30ac98d7b2285ded00.

“The team has attempted communication with the hacker with an embedded message in a transaction to the culprit’s address at approximately 5:30 PM PST,” the firm added.

The hack is said to be anchored on the bridge’s “multisig” wallet that required only two signatures to initiate transactions.

Crypto bridges provide a way for traders to transfer their digital assets from one blockchain to another, sending tokens from ethereum network to bitcoin networks for instance.

Despite the hack, Harmony has continued to push for support on “trustless decentralized bridges,” saying these are “paramount for decentralization and security.”

“Harmony believes that focusing on decentralized bridges is an essential step forward for Web3. This incident is a humbling and unfortunate reminder of how our work is paramount to the future of this space, and how much of our work remains ahead of us,” the crypto firm further said in its blog.

The firm’s own token, ONE, dropped by as much as 12% within 24 hours following the hack.

The company noted, however, that the event did not affect its bitcoin bridge and that the funds and assets stored on decentralized vaults are “safe at this time.”

“We are working around the clock to ensure both the investigation and recovery of stolen funds are concluded in the most time efficient manner possible,” the firm added, as it works with the Federal Bureau of Investigation and multiple cyber security firms.

Information for this briefing was found via Bloomberg, CNBC, and the companies mentioned. The author has no securities or affiliations related to this organization. Not a recommendation to buy or sell. Always do additional research and consult a professional before purchasing a security. The author holds no licenses.

Leave a Reply