BREAKING NEWS: Harmony Blockchain's 'Horizon Bridge' Hacked for $100 Million
Revealed in a tweet found early this morning (Friday, June 24,2022), "the layer-1 blockchain’s main bridge between Ethereum, Binance Chain, and Bitcoin has been exploited for nine figures..." [Newar, B. Breaking: Harmony's Horizon Bridge hacked for $100M. (Accessed June 24, 2022)]. Apparently, Harmony's cross chain BTC bridge was unaffected in the hack.
.png)
This twitter thread continued and identified the wallet associated with the hack. The address reported to be involved in the Harmony Bridge exploit is: 0x0d043128146654C7683Fbf30ac98D7B2285DeD00.
Harmony ended this twitter feed with the following assurance:
.png)
More specifically,
Starting at about 7:08 am until 7:26 am ET, 11 transactions were made from the bridge for various tokens. They have since begun sending tokens to a different wallet to swap for ETH on the Uniswap decentralized exchange (DEX), then sending the ETH back to the original wallet... So far, Frax (FRAX), Wrapped Ether (WETH). Aave (AAVE), Sushi (SUSHI), Frax Share (FXS), AAG (AAG), Binance USD (BUSD). Dai (DAI), Tether (USDT), Wrapped BTC (WBTC), and USD Coin (USDC) have been stolen from the bridge through this exploit.
[Newar, supra].
Late on June 23, 2022, Harmony reported that all bridge activities had been halted.
This is the latest in a series of exploits that have stolen hundreds of millions of dollars from cross-chain bridges in recent months. In January, Qubit Finance's bridge was hacked for $80 million, and just a month later, the Wormhole bridge was hacked for $320 million. Both hacks were dwarfed, however, by the March 2022 hack of Axie Infinity's Ronin bridge, which drained $622 million in Ethereum and USDC.
[Graves, S. Harmony Plunges 10% After Horizon Ethereum Bridge Hacked For $100 Million. (Accessed June 24, 2022)].
Concerns have previously been expressed as to the soundness of Horizon’s multisig wallet on Ethereum which only required two out of the four signees to drain the funds. A founder of Chainstride Capital crypto-focused venture fund Ape Dev noted on Twitter April 2 that the low number of required signers would leave the bridge open for 'another 9 figure hack.'
[Newar. supra]
On April 1, 2022, Ape Dev tweeted:
.png)
So apparently the previous criticisms concerning the safety of Horizon's multi-sig wallet were well-placed indeed.
It should be remember that Vitalik Buterin raised issue with token bridges in a Reddit post on January 7, 2022 (his Reddit post may be found by clicking here).
He posited that when bridges get exploited, it threatens the liquidity of each chain affected. He added that as the amount of token bridges increases, the threat of a 51% attack on one chain could present a greater contagion risk to others.
[Id].
Presently (June 24, 2022 @ 07:41 EDT), per CoinMarket Cap, Harmony (ONE) is trading down 8.96% at $0.02472. And its 1-Day chart appears:
.png)
Posted Using LeoFinance Beta
These token bridges🤦♀️ Almost bright Thorchain to its knees.
Posted Using LeoFinance Beta
And the hits just keep on coming. I wrote a bit about this earlier.
HAF should help developers to design contracts in languages they understand.
Posted Using LeoFinance Beta