Harmony Bridge Hacked, $100 Million Worth of Ethereum Lost

2022-06-25 03:0715

Source: CryptoPotato

On the 24th of June, the Horizon bridge connecting Harmony – a Layer-1 PoS blockchain built for native token ONE – to the Ethereum and Binance Chain ecosystem was hacked, leading to a loss of approximately $100 million in ETH. The exploit was announced on Twitter by the Harmony team, who stated that they are hunting for the culprit.

The Latest in a Series of Vulnerabilities

1/ The Harmony team has identified a theft occurring this morning on the Horizon bridge amounting to approx. $100MM. We have begun working with national authorities and forensic specialists to identify the culprit and retrieve the stolen funds.

More

— Harmony (@harmonyprotocol) June 23, 2022

The bridge has since been shut down to prevent further losses. Harmony devs have also clarified that the BTC bridge is unaffected.

The attack appears to have taken place over the span of 17 hours, starting with a transaction worth a whopping 4,919 ETH, followed by several smaller transactions ranging from 911 to 0.0003 ETH. The last one took place after the bridge had been shut down.

The hack is the latest in a series of exploits affecting the crypto space, such as the Axie Infinity drain, Solana Wormhole, or, more recently, the (misplaced) Optimism fiasco. Another recent vulnerability, the Demonic exploit, which affected multiple crypto wallets, was patched before any damage could be done.

Exchanges have reportedly been notified, as well as “national authorities and forensic specialists.” Unfortunately for Harmony, the former may not be of much help in the event the identity of the hacker is discovered, depending on the jurisdiction that the hacker may be located in.

“We have also notified exchanges and stopped the Horizon bridge to prevent further transactions. The team is all hands on deck as investigations continue. We will keep everyone up-to-date as we investigate this further and obtain more information.”

Prior Warning Issued By Independent Researchers

Curiously, a warning was issued by an independent researcher and blockchain dev Ape Dev back on the 2nd of April. In a series of tweets, Ape Dev called attention to the fact that the security of the Harmony Bridge was built around a multi-sig wallet with only four owners. He predicted that this could be used to execute a very simple attack by getting 2 of the owners to sign off on transfers worth up to $330million.

His sleuthing talents have since been recognized by Brendan Eich, the CEO and co-founder of Brave.

https://t.co/MCi4MXJuge

— Ape Dev (@_apedev) June 24, 2022

Whether the Harmony attacker got the idea from Ape Dev’s indication or reached the same conclusion independently is unclear. In either case, however, the warning came nearly three months before the unfortunate event, which should have given Harmony devs enough time to secure their systems.

With cyberattacks becoming more and more prevalent in the crypto space, the security standards of various blockchain-based platforms will likely be scrutinized by third parties with increasing regularity – and rightfully so.

Likes 0
Favorite
Declaration: This article is published with the authorization. And it can't represent FTFTX's standpoint. Please note the source of article if it is reprinted: www.ftftx.com
All Comments(3)
Publish

OnChain Seaside

OnChain Seaside

I’ve bought wine and peanuts for another week

06-25 03:16

Crypto-Pills

Crypto-Pills

Don't talk about it, I'm going to keep watching the leeks

06-25 03:16

REVV Ambition

REVV Ambition

What about stocks? Is it formal? Stop cutting leeks?

06-25 03:14
No More
Hot

PoW Miners Rake in Profits Mining ETH Until the End, Ethash Networks Expect a Boost, JPMorgan Strategists Say ETC Could Benefit

1PoW Miners Rake in Profits Mining ETH Until the End, Ethash Networks Expect a Boost, JPMorgan Strategists Say ETC Could Benefit

In just over a month’s time, The Merge is likely to be implemented on the Ethereum blockchain and the network’s proof-of-work (PoW) miners will be forced to mine another coin. So far, it seems ethereum miners are sticking with the PoW Ethereum chain until the very end as profits have increased. While Ethereum will change the consensus ruleset, a great number of crypto community members are attempting to guess where the hashrate will go after The Merge transition. What do you think about The Merge and how miners will need to make a choice in 32 days when it comes to choosing an Ethash supporting blockchain? Let us know what you think about this subject in the comments section below. Disclaimer

2022-08-16 05:33 | Bitcoin.com1

FTFTX APP DownloadUse
iOS 9.0 and above
Android 4.3 and above

Feedback
Back