You are using an older browser version. Please use a supported version for the best MSN experience.

Hackers Steal Another $100 Million In Crypto From A Blockchain Transfer Protocol, Total Lost In 2022 Above $1 Billion

Forbes logo Forbes 6/24/2022 Maria Gracia Santillana Linares, Forbes Staff
Harmony's Horizon bridge is hacked $100 million in latest blockchain bridge exploit. getty © Provided by Forbes Harmony's Horizon bridge is hacked $100 million in latest blockchain bridge exploit. getty

Harmony’sHARMONYONE Horizon bridge became the latest cross-chain vehicle to be hacked in the world of crypto, suffering a $100 million loss that represents two-thirds of its total capital. The company announced the theft via Twitter on Thursday night, detailing that the hacker stole a mix of blockchain tokens ether and BNBBNB, stablecoins UDST, USDCUSDC, and dai, and DeFi tokens AAVEAAVE and SUSHISUSHI .

Horizon, Harmony’s main bridge between the Ethereum ETH and Binance Smart Chain blockchains, allows users to transfer assets like tokens, stablecoins, and NFTs across the platforms. There is currently over $51,629,097 worth of BNB and ETH locked into the Horizon bridge, per the company’s website.

In response to the hack, the team paused the Horizon bridge to prevent further transactions. Harmony has also notified exchanges about the incident in an effort to block transfer of the ill-gotten gains. “The team is all hands on deck as investigations continue,” they tweeted.

Harmony is not the first blockchain bridge to suffer a major hack this year. Security firm Elliptic estimates that over $1 billion has been stolen from blockchain bridges so far in 2022, stemming from five major hacks. The Ronin Network, host of the popular crypto-gaming network Axie Infinity, became one of the largest crypto heists in history in March after $600 million was stolen. Wormhole, another blockchain bridge between the Ethereum and SolanaSOL networks, lost $325 million in a hack the month prior.

Aside from the Horizon bridge, Harmony also offers a BitcoinBTC to Ethereum bridge that remains in beta testing.

This hack appears to be largely a result of a vulnerability within Horizon’s highly centralized security structure. Although the platform uses a “multisig” wallet to conduct transfers, meaning multiple parties need to sign off on a transaction, Horizon’s wallet only required two of the four signers to authorize a transaction. It also means that only two accounts would need to be compromised to steal the money.

Even before the hack, some were weary of Harmony’s bridge security as far back as April, pointing out the small number of owners within the consensus process. Founder of Chainstride Capital crypto-focused venture fund Ape Dev warned that if two of the four signers were compromised, the bridge could see “another 9 figure hack.”

Though Harmony has not revealed how the funds were stolen, the theft occurred over the course of 14 transactions across Ethereum and Binance Smart Chain, per a report by Elliptic. They have since started sending tokens to swap for ETH in popular decentralized exchange Uniswap, before sending the ETH back to the original wallet.

Harmony seems to have identified the hacker, leaving a message offering to negotiate for the return of the funds, according to Elliptic. This has become somewhat of a common practice in crypto, with hacked parties asking for their money back. In a following Twitter thread the company stated that they were working “alongside the FBI and multiple cyber security firms” to investigate the hack.

As a result of the hack, Harmony’s token, ONE, has fallen 8% in the last 24hours, according to CoinGecko, and is currently priced at $0.024 with a market capitalization of $302,267,414.

uncaptioned © Provided by Forbes uncaptioned
AdChoices

More from Forbes

image beaconimage beaconimage beacon