Layer-1 blockchain Harmony’s Horizon Bridge has been hacked for the sum of roughly $100 million (roughly Rs. 784 crore), becoming the latest blockchain bridge whose security frailty has been exploited in recent months. The Harmony team revealed the breach on Friday, noting that it has instituted preliminary actions to restore normalcy to the Horizon Bridge. On Sunday, it announced a $1 million bounty for the return of the funds and information on the exploit. The ill-gotten loot included stablecoins USD Coin and Tether, along with altcoins BNB, Sushi, Aave, and others. To drain the Horizon bridge, the hackers exchanged all of the assets into Ether, forcing Harmony to halt all activities on the bridge.
“The Harmony team has identified a theft occurring this morning on the Horizon bridge amounting to approx. $100 million,” the Harmony team said in a tweet, adding that it is coordinating with the relevant bodies to identify the attackers. “We have begun working with national authorities and forensic specialists to identify the culprit and retrieve the stolen funds.”
4/ We have also notified exchanges and stopped the Horizon bridge to prevent further transactions. The team is all hands on deck as investigations continue.
We will keep everyone up-to-date as we investigate this further and obtain more information.
— Harmony 💙 (@harmonyprotocol) June 23, 2022
Since the news broke, the Harmony team has found the address of the hacker and is working with “the FBI and several cybersecurity firms” to retrieve the stolen funds, according to a tweet.
The team behind Harmony protocol is also offering a $1 million (roughly Rs. 7.8 crore) reward for information leading to the return of $100 million (roughly Rs. 784 crore) in altcoins stolen from its Horizon bridge, as well as exploit information, and says it will “advocate for no criminal charges when funds are returned.”
We commit to a $1M bounty for the return of Horizon bridge funds and sharing exploit information.
Contact us at firstname.lastname@example.org or ETH address 0xd6ddd996b2d5b7db22306654fd548ba2a58693ac.
Harmony will advocate for no criminal charges when funds are returned.
— Harmony 💙 (@harmonyprotocol) June 26, 2022
Harmony’s blockchain bridge enables users to transfer digital assets between different blockchains, the most notable of which are the Binance Smart Chain, Ethereum, Bitcoin, and Harmony networks. The hacker used this to their advantage, stealing a variety of digital assets spanning NFTs, metaverse land, and wrapped Ether.
Hackers recently have been targeting cross-chain bridges. Qubit Finance’s bridge was hacked for $80 million (roughly Rs. 628 crore) back in January, thieves stole $320 million (roughly Rs. 2,510 crore) from the Wormhole bridge a month later, and hackers drained $625 million (roughly Rs. 4,730 crore) in Ether and USDC from Axie Infinity’s Ronin bridge in March.