Harmony’s Cross-Chain Horizon Bridge Hacked for $100M
Harmony’s team said it has notified exchanges in an attempt to prevent further malicious transactions and is expected to update users soon
Zeeland Bridge, Netherlands. Credit: Unsplash
key takeaways
- Horizon has been hacked for $100 million while stewards of the bridge said they are working with authorities to identify the attacker
- Funds and assets from the Bitcoin bridge remain unaffected as they are stored in decentralized vaults, Harmony’s team said
Horizon Bridge, a cross-chain interoperability platform between Ethereum, Binance Smart Chain (BSC) and Harmony blockchain networks, has been hacked for $100 million.
The Harmony team, stewards of the bridge, said Thursday it has been made aware of the theft and has begun working with national authorities as well as forensic specialists to identify the attacker in an attempt to retrieve the stolen funds.
“We discovered the hack this morning and immediately began reaching out to our cyber security partners, exchanges, and the FBI, and we’re actively working with all three,” Harmony told Blockworks via Telegram.
“Once contact was established, our next goal was to communicate the situation with our community via Twitter and we’ve since published a Medium article which will receive ongoing updates as information is gathered,” the team added.
Harmony representatives said the hack did not impact the trustless Bitcoin bridge, as funds and assets are stored on decentralized vaults and are considered “safe at this time.” Horizon Bridge is audited by blockchain security firm Peckshield.
It’s the latest in a string of hacks against protocols, bridges and projects, including a $20 million theft from Ethereum scaling solution Optimism earlier this month and a $320 million hack against Solana bridge Wormhole in February. Ethereum-linked sidechain Ronin Network — used for blockchain game Axie Infinity — also suffered a hack in April with a whopping $620 million stolen.
Horizon enables cross-chain transfers of digital assets between Ethereum and Harmony, as well as BSC, via a set of smart contracts deployed across those three chains. Users holding assets including stablecoins, ERC-20 tokens or Binance’s BEP-20 tokens can exchange them for corresponding assets on Harmony for a 1:1 ratio.
In a later tweet update on Thursday, Harmony’s team said it had identified the hacker’s wallet address. The address has a balance of roughly 85,837 ether or around $98 million at time of writing.
“We have also notified exchanges and stopped the Horizon bridge to prevent further transactions. The team is all hands on deck as investigations continue,” the team said.
Harmony told Blockworks its founder, Stephen Tse, will discuss the hack and the team’s ongoing efforts via YouTube on Friday, as well as an update on their attempt to identify the culprit and retrieve the stolen funds.
Get the news in your inbox. Explore Blockworks newsletters:
- Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
- Empire: Start your morning with the top news and analysis to inform your day in crypto.
- Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
- 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
- Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
- The Drop: For crypto collectors and traders, covering apps, games, memes and more.
- Supply Shock: Tracking Bitcoin’s rise from internet plaything worth less than a penny to global phenomenon disrupting money as we know it.
