Connect with us

Hi, what are you looking for?

Finance

The hackers behind the Harmony attack are now attempting to launder Crypto stolen from the Horizon Bridge

$100 million dollars worth of WETH, AAVE, SUSHI, DAI, USDT, and USDC were stolen on Thursday, and were later swapped for Ethereum.

Harmony’s Horizon Bridge has seen funds moving into Ethererum mixer Tornado Cash since the money from Harmony’s bridge began to move into it. This indicates that the attacker does not intend to accept the bounty of $1 million offered.

If the Harmony team decides to obfuscate the ill-gotten gains, then the question remains whether its offer of just 1% of the $100 million in crypto funds stolen on June 24 will be sufficient to convince the exploiter to return the funds. A blockchain analysis by security company shows the hacker’s Ethereum wallet still contains $80 million in ETH tokens as well as about $65,000 worth of other tokens stolen during the bridge exploit, as of the judicious use of three transactions from the hacker’s address on June 23rd for a total of around 30K ETH (around $36 million).

In 2019 Harmony was launched as a proof-of-stake blockchain at layer 1. A Horizon bridge with Harmony’s network allows users to send cryptocurrencies between blockchains including that of Binance Chain, Ethereum, and Harmony’s network.

Using cryptocurrency mixing services, users can hide the origins of their cryptocurrencies by pooling multiple cryptocurrencies in a single pool and mixing them, which is a process commonly used to launder illicitly obtained tokens.

In the hackers’ attack on Thursday, $100 million was stolen in WETH, AAVE, SUSHI, DAI, USDT, and USDC, which were then swapped for Ethereum. Initial reports suggested that it was an exploit of the Harmony protocol by the company, however, it has since declared that it has not found any evidence that a breach of our smart contract code has occurred nor any vulnerabilities on the Horizon platform.

The Ronin Bridge hack in March was also attributed to a similar situation, in which hackers managed to steal about $600 million out of cryptography. It was later on revealed that the Roin attacker which was later branded by the US government as the North Korean-linked hacking group Lazarus had compromised five out of nine validators of the bridge protocol.

A bounty of $1 million was offered by Harmony Protocol on Saturday in exchange for the return of the bridge funds, saying on Twitter that the company would not pursue criminal charges if the funds were returned. As a result of today’s transfers, the offer appears to have been rejected.

Several hours after the hack, Harmony announced to its users that the theft did not affect Harmony’s BTC bridge and that it was working with national authorities and forensic specialists to identify the culprit and recoup the stolen funds. They also stepped up their security.

We have migrated the Ethereum side of the Horizon bridge to a 4-of-5 multisig since the incident, which means that at least four of five separate private keys will be needed to sign and authorize transactions. We will continue taking steps to further harden our operations and infrastructure security.

Stephen Tse, Founder – Harmony

This is yet another token bridge, Horizon, that has been exploited in a growing number of attacks. In 2021, Poly Network was hacked and lost $610 million, which was almost entirely recovered. The Meter, Wormhole, Ronin and Horizon token bridges have all been used to extract over $1 billion through nefarious means in 2022.

author avatar
Alex
Formally freelance blogger Alex is passionate writer with interest in Finance and Business, fascinated about crypto following news and covering stories.
Advertisement

You May Also Like

Cryptocurrency

Ripple's CTO, David Schwartz, has warned against early FOMO (Fear of Missing Out) ahead of the RLUSD stablecoin debut, forecasting short-term price volatility due...

Cryptocurrency

Ripple will debut its new dollar-backed stablecoin, RLUSD, on December 17, with initial listings on major platforms including Uphold, MoonPay, and CoinMENA. The stablecoin...

Finance

Lido Finance has discontinued its staking services on the Polygon network, citing limited user acceptance and shifting market circumstances. Users may withdraw their staked...

Business

Chrystia Freeland resigned as Canada's finance minister due to differences with Prime Minister Justin Trudeau and economic challenges from US tariffs. Her resignation raises...

polkadot
Polkadot (DOT) $ 6.83 1.71%
bitcoin
Bitcoin (BTC) $ 95,149.49 2.21%
ethereum
Ethereum (ETH) $ 3,279.40 1.82%
cardano
Cardano (ADA) $ 0.882382 1.93%
xrp
XRP (XRP) $ 2.20 1.66%
stellar
Stellar (XLM) $ 0.35605 0.40%
litecoin
Litecoin (LTC) $ 99.60 1.44%