On Thursday, crypto firm Harmony’s blockchain bridge, known as Horizon, announced that it was hacked for $100 million, becoming the latest major hack of a blockchain bridge in recent months.
Hackers have increasingly exploited the security vulnerabilities of blockchain bridges, which enable users to transfer their digital assets across different blockchains. Harmony’s Horizon hack follows on the heels of other high-profile attacks on blockchain bridges, including Axie Infinity’s Ronin bridge, which saw $600 million of crypto disappear this past March, and Wormhole, which lost $320 million in a criminal heist in February.
Horizon’s Harmony bridge allows transfers of tokens between the Ethereum network and the Binance Smart Chain. Harmony also operates another blockchain bridge for Bitcoin, which it says was not impacted by the hack.
Harmony disclosed that a single account was behind the attack. Harmony did not specify how hackers breached their system, but said it was working with the FBI and other forensic specialists at cybersecurity companies to investigate the hack.
Horizon bridge relies on a “multisig” wallet, which allows transactions to be conducted with just two signatures, a vulnerability that could have been exploited by hackers.
It is common for hacks to compromise private keys to access a crypto wallet.
“We have begun working with national authorities and forensic specialists to identify the culprit and retrieve the stolen funds,” Harmony Tweeted.
“Its funds and assets stored on decentralized vaults are safe at this time,” Harmony added, pointing out that it had stopped deposits and withdrawals on the bridge and informed crypto exchanges of the hack.
Stolen tokens include Wrapped Ethereum, AAVE, SUSHI, DAI, Tether, and USD Coin.
Decentralized finance has been roiled by hacks of blockchain bridges, and experts warn that this trend may accelerate, given the pivotal role that bridges play in moving large pools of assets: “[Bridges are a] tempting target for hackers,” Jess Symington, research lead at blockchain analysis firm Elliptic told CNBC. “In order for individuals to use bridges to move their funds, assets are locked on one blockchain and unlocked, or minted, on another. As a result, these services hold large volumes of crypto-assets.”
News of the hack sent Harmony’s ONE token sliding by more than 10%.
Be the first to comment