Harmony’s Cross-Chain Horizon Bridge Hacked for $100M
Harmony’s team said it has notified exchanges in an attempt to prevent further malicious transactions and is expected to update users soon
Zeeland Bridge, Netherlands. Credit: Unsplash
key takeaways
- Horizon has been hacked for $100 million while stewards of the bridge said they are working with authorities to identify the attacker
- Funds and assets from the Bitcoin bridge remain unaffected as they are stored in decentralized vaults, Harmony’s team said
Horizon Bridge, a cross-chain interoperability platform between Ethereum, Binance Smart Chain (BSC) and Harmony blockchain networks, has been hacked for $100 million.
The Harmony team, stewards of the bridge, said Thursday it has been made aware of the theft and has begun working with national authorities as well as forensic specialists to identify the attacker in an attempt to retrieve the stolen funds.
“We discovered the hack this morning and immediately began reaching out to our cyber security partners, exchanges, and the FBI, and we’re actively working with all three,” Harmony told Blockworks via Telegram.
“Once contact was established, our next goal was to communicate the situation with our community via Twitter and we’ve since published a Medium article which will receive ongoing updates as information is gathered,” the team added.
Harmony representatives said the hack did not impact the trustless Bitcoin bridge, as funds and assets are stored on decentralized vaults and are considered “safe at this time.” Horizon Bridge is audited by blockchain security firm Peckshield.
It’s the latest in a string of hacks against protocols, bridges and projects, including a $20 million theft from Ethereum scaling solution Optimism earlier this month and a $320 million hack against Solana bridge Wormhole in February. Ethereum-linked sidechain Ronin Network — used for blockchain game Axie Infinity — also suffered a hack in April with a whopping $620 million stolen.
Horizon enables cross-chain transfers of digital assets between Ethereum and Harmony, as well as BSC, via a set of smart contracts deployed across those three chains. Users holding assets including stablecoins, ERC-20 tokens or Binance’s BEP-20 tokens can exchange them for corresponding assets on Harmony for a 1:1 ratio.
In a later tweet update on Thursday, Harmony’s team said it had identified the hacker’s wallet address. The address has a balance of roughly 85,837 ether or around $98 million at time of writing.
“We have also notified exchanges and stopped the Horizon bridge to prevent further transactions. The team is all hands on deck as investigations continue,” the team said.
Harmony told Blockworks its founder, Stephen Tse, will discuss the hack and the team’s ongoing efforts via YouTube on Friday, as well as an update on their attempt to identify the culprit and retrieve the stolen funds.
Get the news in your inbox. Explore Blockworks newsletters:
- Blockworks Daily: Unpacking crypto and the markets.
- Empire: Crypto news and analysis to start your day.
- Forward Guidance: The intersection of crypto, macro and policy.
- 0xResearch: Alpha directly in your inbox.
- Lightspeed: All things Solana.
- The Drop: Apps, games, memes and more.
- Supply Shock: Bitcoin, bitcoin, bitcoin.
