Harmony’s Cross-Chain Horizon Bridge Hacked for $100M
Harmony’s team said it has notified exchanges in an attempt to prevent further malicious transactions and is expected to update users soon
Zeeland Bridge, Netherlands. Credit: Unsplash
key takeaways
- Horizon has been hacked for $100 million while stewards of the bridge said they are working with authorities to identify the attacker
- Funds and assets from the Bitcoin bridge remain unaffected as they are stored in decentralized vaults, Harmony’s team said
Horizon Bridge, a cross-chain interoperability platform between Ethereum, Binance Smart Chain (BSC) and Harmony blockchain networks, has been hacked for $100 million.
The Harmony team, stewards of the bridge, said Thursday it has been made aware of the theft and has begun working with national authorities as well as forensic specialists to identify the attacker in an attempt to retrieve the stolen funds.
“We discovered the hack this morning and immediately began reaching out to our cyber security partners, exchanges, and the FBI, and we’re actively working with all three,” Harmony told Blockworks via Telegram.
“Once contact was established, our next goal was to communicate the situation with our community via Twitter and we’ve since published a Medium article which will receive ongoing updates as information is gathered,” the team added.
Harmony representatives said the hack did not impact the trustless Bitcoin bridge, as funds and assets are stored on decentralized vaults and are considered “safe at this time.” Horizon Bridge is audited by blockchain security firm Peckshield.
It’s the latest in a string of hacks against protocols, bridges and projects, including a $20 million theft from Ethereum scaling solution Optimism earlier this month and a $320 million hack against Solana bridge Wormhole in February. Ethereum-linked sidechain Ronin Network — used for blockchain game Axie Infinity — also suffered a hack in April with a whopping $620 million stolen.
Horizon enables cross-chain transfers of digital assets between Ethereum and Harmony, as well as BSC, via a set of smart contracts deployed across those three chains. Users holding assets including stablecoins, ERC-20 tokens or Binance’s BEP-20 tokens can exchange them for corresponding assets on Harmony for a 1:1 ratio.
In a later tweet update on Thursday, Harmony’s team said it had identified the hacker’s wallet address. The address has a balance of roughly 85,837 ether or around $98 million at time of writing.
Harmony told Blockworks its founder, Stephen Tse, will discuss the hack and the team’s ongoing efforts via YouTube on Friday, as well as an update on their attempt to identify the culprit and retrieve the stolen funds.
Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.
Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the Forward Guidance newsletter.
Get alpha directly in your inbox with the 0xResearch newsletter — market highlights, charts, degen trade ideas, governance updates, and more.
The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.