Horizon Bridge by Harmony Hack
Crypto is having a hard time. The volatility of the market alone is unsettling enough but when you add theft to the mix, it’s no wonder that the reputation of crypto is suffering.
The latest business to fall victim to hacking is, Horizon Bridge by Harmony. Here’s what you need to know.
Who is Horizon bridge?
Horizon Bridge is a cross chain bridge that enables the transfer of assets from Ethereum to Harmony One cryptocurrency on the Harmony blockchain so that investors can benefit from its multichain ecosystem, take advantage of their ultra-fast speed, and enjoy practically zero fees. Harmony takes security seriously and uses random state sharding to protect against single shard attacks.
What happened?
At 5.30am PST, June 23, 2022, Horizon bridge was the victim of a malicious attack
- The Harmony Protocol bridge suffered a hack that led to a loss of $100M.
- The bridge exploiter stole 11 different ERC-20 tokens and 13,100 ETH from the bridge.
- The stolen funds were transferred to other ERC-20 tokens to two other wallets to swap via UniSwap and other DEXs back to ETH.
- The protocol is suspected to have been the result of a private key compromise
Harmony’s incident response team were quick to react and have since been investigating the incident with support from multiple cyber security partners, exchange partners, and the FBI.
The company claim that the consensus layer of the Harmony blockchain remains secure and have discovered evidence that the hack was the result of private keys being compromised.
“Our incident response team has discovered evidence that private keys were compromised, leading to the breach of the Horizon bridge. Funds were stolen on the Ethereum side of the bridge. The private keys were encrypted and stored by Harmony, with the keys doubly encrypted via passphrase and a key management service, and no single machine had access to multiple plaintext keys. The attacker was able to access and decrypt a number of these keys, including those used to sign the unauthorized transactions and take assets in the form of BUSB, USDC, ETH and WBTC. All assets were then swapped to ETH and currently remain on the hacker’s account on the Ethereum network. No steps have currently been taken by the hacker to anonymize ownership of these assets.”
Updates to the investigation are being shared on social media and published to their blog on Medium.
To prevent further transactions from taking place, Harmony have stopped the Horizon bridge and notified exchanges. 12 hours later, the response team attempted to make contact with the hacker by embedding a message in a transaction to the culprit’s address. In addition, they are offering a reward for the full return of the bridge funds.
Why are bridges a target for hackers?
How businesses can avoid falling victim to these hacks
Harmony’s response team have been very reactive, and their customers are fortunate that the business is able to offer a bounty for the return of the funds. Sadly, in DeFi, this is not a given. The assurances and protection investors get with TradFi banking systems are not the same in the decentralized world. And, whilst we take our hats off to Harmony for offering a bounty, we believe that these hacks can be avoided and that prevention is better than cure.
Businesses should prioritise prevention over cures such as rewards or insurance. By putting the focus on preventing these hacks in the first place, end users get the best possible security while companies limit their reputational risk which is so damaging in these instances. But there isn’t a preventative solution to crypto theft, right? Wrong! In fact, we are doing it right now.
Coincover is probably the only company in the industry that provides this level of security, by analysing transactions for malicious activity and alerting the user before they are broadcast to the blockchain to prevent theft; and by offering a non-custodial ultra-secure storage and recovery of private keys to prevent lost access. On top of this, the technology has been insured at Lloyd’s of London and could help investors to recover any preventable losses due to theft or hacking. It’s the full gamut of crypto protection – and it enables businesses to significantly reduce their risk.