Hacker Steals $100M From Harmony’s Horizon Bridge

  • Harmony Protocol’s Horizon Bridge has been hacked, with about $100 million stolen.
  • The team has contacted authorities and shut down the bridge.
  • This is not the first time that a bridge has been hacked this year, with Ronin and Wormhole both suffering very expensive hacks.

Harmony Protocol’s Horizon bridge has been hacked, with the attacker making away approximately $100 million. The project announced the incident over Twitter on June 24, saying that they had begun working with national authorities and forensic specialists. The attacker’s address shows the details of the exploit and contains about $99.1 million or 85.867 ETH.

Harmony has been taking steps to limit the attacker’s options as much as possible. The project has stopped the Horizon bridge and notified exchanges, which should prevent some of the funds from being taken away entirely.

There is little else in the way of information. A full post-mortem is likely over the coming days, as the project’s focus right now is to put an end to immediate threats.

The ONE toke has dropped by about 12% following the news. This adds to an already sharp drop that it experienced during the market crash.

The attack took place over a period of roughly 17 hours, carrying out several transactions to steal the ETH. One transaction stole 4,919 ETH, and the remainder was stolen through numerous smaller transactions.

Interestingly, there appears to have been some talk before about a potential exploit due to a lack of security. Ape Dev talked about vulnerabilities in the Harmony Bridge on April 1, which Brave CEO Brendan Eich pointed out.

DeFi Vulnerabilities and Attacks Remain a Concern

The attack on Harmony Protocol is far from the only one to take place in 2022. It doesn’t even come close to being the most expensive hack, which makes one take notice of the increasing brazenness of bad actors. The market has lost over $1 billion from DeFi hacks in the first three months of 2022 alone.

The Ronin Bridge was hacked for over $600 million in March, which led to developer Sky Mavis doubling down on security, introducing bug bounties, and being firm on audits. The developer will reimburse victims and relaunch the bridge at the end of the month.

The Wormhole Bridge was also attacked for over $300 million in February 2022. Such incidents have caught the attention of regulators, and the crypto market will have to deal with security issues if it does not want to attract more severe regulation.