According to a tweet from Blockchain Harmony, the hack of its Horizon bridge, which enables users to transfer currencies between various blockchains, happened on Thursday morning. One further significant weakness in the ecosystem of digital assets was revealed when hackers stole nearly $100 million from a so-called bitcoin bridge.
Blockchain harmony assured that it has “begun working with national authorities and forensic specialists to identify the culprit and retrieve the stolen funds.”
According to CoinGecko, Harmony’s native ONE token, which is used to pay transaction fees, collect incentives, or vote on platform changes, fell 12% during the last 24 hours. According to the website for the Harmony blockchain, the project has more than $1 billion in total value tied to it. Whether any user funds had been taken was not immediately apparent.
The attack on Horizon, which allows for transactions between Ethereum and Binance’s Smart Chain, represents the third significant bridge hack of the year. Hackers stole about $300 million from the Wormhole bridge in February, and then $620 million from the Ronin bridge a month later. Xuxian Jiang, chief executive officer of security firm PeckShield, was contacted by Harmony for support. In Horizon’s case, “the theft seems to have happened due to a private key compromise.”
Furthermore, according to Jiang, the Horizon bridge is controlled and protected by four wallets, and to authenticate and carry out a transaction, authentication from at least two of the wallets, each supported by multiple signatures, is necessary. An attacker was successful in this instance in compromising the secret information needed to access these wallets and triggering transactions that transferred funds from the Horizon bridge to an external wallet.
According to a tweet from researcher Elliptic, the hackers made off with stable coins Tether, USDC, and DAI, as well as for cryptocurrencies Ether and BNB. In what Elliptic described as “a commonly-seen technique with these hacks,” those tokens were then exchanged for Ether utilizing so-called decentralized exchanges. The assault on the Horizon bridge on Thursday came after an incident involving five user wallets on Harmony’s network in January, during which the business claimed a thief stole 19,314,598 ONE tokens, valued at $5.8 million at the time.
Featured Image: Megapixl © Nexusplexus