Crypto startup Harmony's Horizon blockchain bridge was breached on June 23, 2022, and was drained of nearly $200 million. The hacker(s) managed to skim $98.3 million in ETH, $12.4 million in Wrapped Bitcoin (WBTC) and almost $50 million in stablecoins Tether (USDT) and USD Coin (USDC).
The latest incident highlights the constant threat posted by hackers to crypto platforms. Despite the addition of several safety features, miscreants continue to suck out hundreds of millions of dollars through elaborate schemes and attacks.
In Horizon's case, the rest of the loot, which amounted to roughly $20 million, was made of numerous tokens, including DAI stablecoins, Binance USD (BUSD), SUSHI tokens, AAVE, Wrapped Ethereum (WETH), and a few others.
The entire heist from the Horizon Bridge amounted to over $181 million. Fortunately, the platform was able to locate and recover a large portion of the stolen funds.
Also read:
The Horizon Bridge is a cross-chain protocol between the Ethereum, Binance and Harmony blockchains. The bridge uses smart contracts to facilitate token transfers between the three blockchains. It also acts as a bridge to Bitcoin, allowing it as a wrapped ERC-20 token on the Ethereum blockchain.
According to data from blockchain explorer Etherscan, the attacker made 11 transactions with a nefarious wallet. From there, they routed the tokens to the decentralised exchange (DEX) Uniswap, where they exchanged the altcoins for ETH. The hacker then sent the ETH back to the initial wallet.
“We have also notified exchanges and stopped the Horizon bridge to prevent further transactions. The team is all-hands-on-deck as investigations continue,” the official Harmony handle tweeted.
Harmony is working around the clock as we continue our investigation alongside the FBI and multiple cyber security firms.Updates will be shared as information is gathered.
— Harmony 💙 (@harmonyprotocol) June 24, 2022
They also reassured users that the Bitcoin bridge was secure and that all funds and assets on that network were perfectly safe in “decentralised vaults”.
Soon after the revelation was made, Harmony tweeted that it had identified the miscreant wallet and discovered a balance of 85,837 ETH, which is the entire Ethereum haul siphoned off from the Horizon Bridge. This reduced the effective damage to less than $100 million for the layer-1 blockchain.
Ethereum co-founder Vitalik Buterin had expressed his disdain toward cross-chain bridges in January 2022. He emphasised that cross-chain exploitations jeopardised crypto liquidity across all involved blockchains. Buterin maintained that storing assets on-chain (E.g., Ethereum assets on the Ethereum blockchain) is the safest way to avoid a 51 percent attack.
A 51 percent attack occurs when a single bad actor or group of miscreants gains control of more than 50 percent of a blockchain’s computing power.
Since cross-chain protocols enable asset and fund transfer between blockchains, they have become a playground for miscreants in the cryptosphere. The most significant hacks in the last year have all been attacks on cross-chain protocols.
These include the $611 million Poly Network attack in August 2021, the $325 million Wormhole attack in February 2022, and the $611 million Ronin Bridge attack on Axie Infinity in March 2022. Combined, these three attacks amount to over $1.5 billion.
Following the Horizon Bridge attack, the native ONE token of the Harmony blockchain has shed 11.11 percent in the last 24 hours and is trading at $0.024 at the time of writing.
Also read: GST breather for crypto eco-system, council may want a deeper study before deciding taxation
Check out our in-depth Market Coverage, Business News & get real-time Stock Market Updates on CNBC-TV18. Also, Watch our channels CNBC-TV18, CNBC Awaaz and CNBC Bajar Live on-the-go!
2024 Lok Sabha Elections | Why Kerala is in focus as the second phase begins to vote
Apr 26, 2024 9:33 AM
Bengaluru Rural Lok Sabha election: Deve Gowda's son-in-law Manjunath to lock horns with Congress' DK Suresh
Apr 26, 2024 9:11 AM