On June 23, 2022, the Harmony development team announced that $100 million had been siphoned from the Horizon bridge, explaining that the organization was working with state authorities and forensic experts. According to an account published by Polygon’s Chief Information Security Officer, Mudit Gupta, the Horizon Bridge attackers allegedly took control of the multi-signature wallet utilized by Harmony’s Bridge.
Harmony’s multisig was exploited Polygon’s CSO stated that the founder of the Harmony Protocol found evidence that “private keys were compromised”
Three days ago, Harmony explained, it was attacked and the team witnessed $100 million siphoned from the Horizon bridge.” The Harmony team confirmed the theft, which occurred this morning at the Horizon Bridge, amounting to approximately $100 million,” Harmonytweetedon Thursday.” We have begun working with state authorities and forensic experts to identify the perpetrators and recover the stolen funds.” The Harmony team added.
The day after the exploit, Polygon’s Chief Information Security Officer, Mudit Gupta,said that the bridge is a 2 of 5 multi-signature scheme and anyone with two of the addresses can control it.” Gupta added that “hackers compromised the two addresses and drained the money,” Gupta summarized what he believes was done during the hack, although details have not yet been released.” The two addresses were hot wallets, presumably used to listen for and process legitimate bridging transactions,” Gupta explained.
“The attackers compromised the server(s) where these hot wallets were running,” Polygon CSO wrote on Friday. “Once inside the server, they had access to keys stored in plaintext to sign legitimate transactions. This server exploit appears to be either an SSH key compromise or social engineering. This is eerily similar to how Ronin was hacked.” The analyst added,
This was not a ‘blockchain hack’. It was a ‘traditional hack. I have been begging the protocol for months to focus on traditional security alongside blockchain security…
In addition, aincident reportwritten byHarmony Protocol founderstated, “The team found evidence of a private key compromise, which led to a breach of our Horizon bridge – the bridge’s Funds were stolen from the Ethereum side of the bridge.” The Harmony founder also said, “Confidentiality is important to maintain integrity as part of this ongoing investigation – the omission of certain details is to protect sensitive data for the benefit of our community.” He stated.
Image credits: Shutterstock, Pixabay, Wiki Commons