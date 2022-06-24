U.S. markets close in 2 hours 26 minutes

  • S&P 500

    3,886.67
    +90.94 (+2.40%)
     

  • Dow 30

    31,340.26
    +662.90 (+2.16%)
     

  • Nasdaq

    11,503.15
    +270.96 (+2.41%)
     

  • Russell 2000

    1,757.57
    +45.90 (+2.68%)
     

  • Crude Oil

    106.66
    +2.39 (+2.29%)
     

  • Gold

    1,830.00
    +0.20 (+0.01%)
     

  • Silver

    21.13
    +0.09 (+0.42%)
     

  • EUR/USD

    1.0547
    +0.0023 (+0.22%)
     

  • 10-Yr Bond

    3.1190
    +0.0510 (+1.66%)
     

  • GBP/USD

    1.2264
    +0.0003 (+0.03%)
     

  • USD/JPY

    135.1820
    +0.2490 (+0.18%)
     

  • BTC-USD

    21,152.26
    +870.62 (+4.29%)
     

  • CMC Crypto 200

    460.47
    +6.57 (+1.45%)
     

  • FTSE 100

    7,208.81
    +188.36 (+2.68%)
     

  • Nikkei 225

    26,491.97
    +320.72 (+1.23%)
     

Hacker exploits Harmony blockchain bridge, loots $100M in crypto

Carly Page
·3 min read

A hacker has exploited a vulnerability to steal $100 million from Harmony’s Horizon Bridge, which allows users to transfer their crypto assets from one blockchain to another.

Harmony, the U.S. crypto startup behind Horizon, said in a blog post on Friday that it was notified of a “malicious attack” on its proprietary Horizon blockchain bridge on Thursday. Blockchain bridges, also known as cross-chain bridges, facilitate communication between different blockchains and allow users to send assets from one chain to the other. Using Harmony’s Horizon bridge, for example, users can move assets — including tokens, stablecoins, and NFTs — between Ethereum, Binance Smart Chain, and Harmony blockchains.

Harmony said the culprit of the attack — which the company singled out in a tweet — stole close to $100 million in cryptocurrency from its blockchain bridge.

According to blockchain analysis company Elliptic, a variety of crypto assets were taken, including Ethereum, Binance Coin, Tether, USD Coin and Dai. Elliptic added that the stolen tokens have now been swapped for Ethereum using decentralized exchanges — a "commonly-seen technique with these hacks," it said.

Harmony said in its blog post that immediately following the attack, multiple cybersecurity partners, exchange partners, and the FBI were notified and requested to assist with an investigation in identifying the culprit and retrieving stolen assets. “Further, the team has attempted communication with the hacker with an embedded message in a transaction to the culprit’s address,” the blog post read.

Harmony added that it had stopped the Horizon bridge to prevent further transactions. Harmony's bridge for bitcoin was unaffected.

“This incident is a humbling and unfortunate reminder of how our work is paramount to the future of this space, and how much of our work remains ahead of us," the blog post said. “Ongoing investigations present a challenge of what information is allowed to be shared with the public, but we will continue to provide updates with the latest information as soon as we are able to share.”

Harmony has not revealed exactly how the funds were stolen, and did not comment when contacted by TechCrunch.

However, one investor who goes by the handle Ape Dev had concerns about the security of its Horizon bridge as far back as April. The researcher warned on Twitter that the security of the Horizon bridge hinged on a multi-signature — or “multisig” — wallet that required just two signatures to initiate transactions. Multi-sig wallets require the consent of multiple parties for ensuring additional security on transactions.

“So all in all, if two of the four multi-sig signers are compromised, we're going to see another 9 figure hack," Ape Dev, founder of crypto venture fund Chainstride Capital, wrote on April 1. "Considering all that's been going on lately, it'd be interesting to hear some details from @harmonyprotocol on how these [externally owned accounts] are secured,”

The Harmony bridge hack follows a series of notable attacks on other blockchain bridges. The Ronin Network, an Ethereum-based sidechain made for the popular play-to-earn game Axie Infinity, lost more than $600 million in March, an attack which U.S. officials have since linked to North Korean state-backed hacking group Lazarus. Similarly, decentralized finance platform Wormhole lost almost $325 million to hackers in February after they exploited a security flaw in its smart contract code.

Q1 crypto losses spike 695% on year following massive hacks

Recommended Stories

  • FBI Enlisted in ‘Humbling’ $100 Million Hack of Harmony Blockchain

    Harmony's native token ONE is down 14% over the past 24 hours, while the crypto market is up 4% overall.

  • Hackers Steal $100 Million by Exploiting Crypto’s Weak Link

    (Bloomberg) -- Hackers looted about $100 million from a so-called cryptocurrency bridge, again exposing a key vulnerability in the digital-asset ecosystem. Most Read from BloombergSupreme Court Overturns Roe, Transforming Abortion-Rights FightJuul’s Vaping Products Are Ordered Off the Market in the USStocks Surge as Bullard, Data Ease Recession Fears: Markets WrapThese Are the World’s Most Liveable Cities in 2022Elon Musk Says New Tesla Plants Are ‘Money Furnaces’ Losing BillionsBlockchain Harmo

  • Time for Crypto to Make Nice With Regulators

    There’s a real risk of a knee-jerk response to the latest fallout. There are also many open-minded people in government. The industry must work with them.

  • Crypto Exchange FTX in Talks to Acquire Stake in BlockFi

    Sam Bankman-Fried’s crypto exchange is in talks to acquire a stake in BlockFi, a crypto lender that FTX gave a $250 million credit line this week.

  • Hackers Steal $100 Million in Crypto From Harmony Blockchain Bridge

    Tech company Harmony says it is working to retrieve funds and identify who is behind the theft on one of its blockchain bridges

  • At the Bored Ape restaurant, your ApeCoin is no good now

    Bored & Hungry is a magnet for fans of Bored Ape NFTs and other crypto projects. But with prices cratering, the Long Beach burger joint no longer lets customers use crypto as payment.

  • Xi Trip to Hong Kong in Doubt After Top Officials Get Covid

    (Bloomberg) -- President Xi Jinping’s rumored visit to Hong Kong to mark the city’s 25th anniversary of Chinese rule is in doubt after top officials in the city came down with Covid.Most Read from BloombergSupreme Court Overturns Roe, Transforming Abortion-Rights FightJuul’s Vaping Products Are Ordered Off the Market in the USStocks Surge as Bullard, Data Ease Recession Fears: Markets WrapThese Are the World’s Most Liveable Cities in 2022Elon Musk Says New Tesla Plants Are ‘Money Furnaces’ Losin

  • ‘We’re Poor Again, but We’re Still Here’: Why NFT.NYC Won’t Die

    It was fun, it was cringe – in short, the premier NFT conference was again itself.

  • Low Bitcoin Price Weighs on Crypto Mining Stocks

    Worried about falling profits and high fixed costs, investors have been dumping publicly traded bitcoin miners like Riot Blockchain and TeraWulf amid the cryptocurrency selloff.

  • Everything You Need To Know About Nick Cannon's Growing Family

    The Masked Singer host is enjoying family life and welcoming his seventh baby in the fall. Here are the details on Nick Cannon's growing family.

  • Could Ethereum Skyrocket After the Merge?

    The Merge is an upcoming blockbuster of an upgrade to the Ethereum crypto network. Will it send token prices to the moon?

  • Bre Tiesi Gives Nursery Tour for Her Baby With Nick Cannon (Exclusive)

    Bre Tiesi gives ET an inside look at the nursery for her and Nick Cannon’s baby boy.

  • Sri Lanka Sued by Bondholder in US After Historic Default

    (Bloomberg) -- Sri Lanka was sued in the US by a bondholder after the South Asian nation defaulted on its debt for the first time in history while struggling to stop an economic meltdown.Most Read from BloombergThe World’s Bubbliest Housing Markets Are Flashing Warning SignsJuul Soon to Be Ordered Off the Market by FDA, WSJ ReportsElon Musk Says New Tesla Plants Are ‘Money Furnaces’ Losing BillionsStocks Snap Rally as Recession Fears Mount: Markets WrapPowell Says Soft Landing ‘Very Challenging;

  • U.S. crypto firm Harmony hit by $100 million heist

    U.S. crypto firm Harmony said on Friday that thieves stole around $100 million worth of digital coins from one of its key products, the latest in a string of cyber heists on a sector long targeted by hackers. Harmony develops blockchains for so-called decentralised finance - peer-to-peer sites that offer loans and other services without the traditional gatekeepers such as banks - and non-fungible tokens. The California-based company said the heist hit its Horizon "bridge", a tool for transferring crypto between different blockchains - the underlying software used by digital tokens such as bitcoin and ether.

  • Most of Deshaun Watson's lawsuits have been settled, but the first — and potentially most problematic — remains

    Ashley Solis has always had a particularly strong case. And she was not among the suits whose settlements were announced Tuesday, which could influence the NFL's disciplinary decision.

  • China bans over 30 live-streaming behaviours, demands qualifications to discuss law, finance, medicine

    China has issued new regulation on the live-streaming industry that lists 31 banned behaviours, raising the bar for influencers to talk about certain topics, in the government's latest effort to regulate the booming digital economy. The 18-point guideline, published by the National Radio and Television Administration and the Ministry of Culture and Tourism on Wednesday, requires influencers to have relevant qualifications to discuss some topics, such as law, finance, medicine and education, alth

  • Nancy Pelosi’s husband charged with DUI in Northern California

    Paul Pelosi, the husband of Speaker of the House Nancy Pelosi, was charged Thursday with driving under the influence in connection with a crash he was in last month.

  • New York’s Central Park Tower Is Now Home to the World’s Highest Private Club

    The swanky new spot includes a grand ballroom, private bar, cigar lounge and more.

  • Horizon’s US$100 mln crypto hack prompts FBI investigation

    The Federal Bureau of Investigation (FBI) and multiple cybersecurity companies have started investigating the US$100 million hack on Harmony Protocol’s Horizon cross-chain bridge. See related article: Axie Infinity hack proceeds continue to be laundered despite US sanctions Fast facts Harmony Protocol announced it was attacked on Friday morning Asia time, adding it had alerted exchanges […]

  • Been Approved for a Mortgage? Here Are 5 Ways You Could Still Lose the Loan

    If a mortgage lender becomes concerned about your ability to repay the loan, it has the right to withdraw the offer.