Harmony One Hacked — Here’s What We Know So Far

Harmony One is the latest victim of a costly “crypto bridge” hack. However, the FBI is on the case…

NOTE: We will update this story as new details emerge. Please check back for updates.

Covered:

  • Harmony One Hacked; 100 Million Missing
  • FBI Involvement
  • One Token Performance; DeFi TVL
  • How Was Harmony One Hacked?
  • Bridge Hacks In Crypto
  • Update 1: Harmony Gives An Update On Bridge Hack

Harmony One Hacked; 100 Million Missing

Smart contract protocol Harmony One (ticker symbol ONE) announced yesterday that its Horizon bridge had been hacked for $100 million USD. Horizon bridges assets to and from Harmony One chain to Ethereum and BSC (BNB chain).

“The Harmony team has identified a theft occurring this morning on the Horizon bridge amounting to approx. $100MM. We have begun working with national authorities and forensic specialists to identify the culprit and retrieve the stolen funds,” Harmony said via Twitter. By national authorities, Harmony means the FBI: “Harmony is working around the clock as we continue our investigation alongside the FBI and multiple cyber security firms.”

This hack did not affect their Bitcoin bridge, Harmony also noted.

The news brought down the ONE token over 10%. However, it has since recovered a bit., now only down 6%. The ONE token is currently trading around $0.25 cents USD. TVL-wise, the hack at one point appeared to have been worth about 50% of the protocol’s DeFi value. Currently, TVL on the Harmony chain sits at 67 million. 

Recommended: US Treasury Says North Korean Hackers Responsible For Axie Infinity Hack

How Was Harmony One Hacked?

So far, no official post-mortem from Harmony has been provided but the Ethereum scaling solution promises to update its Medium blog as soon as it has details to share.

The most popular theory flooding CT right now is that the hacker was able to compromise two addresses. This is because the bridge is a 2/5 of multisig. Multisig is essentially a wallet that requires more than one set of private keys to execute a transaction. After the hacker compromised the two addresses, they were able to sign the transactions and drain the accounts.

Of course, this is just speculation for now. Check back for updates from Harmony for an official statement.

Bridge Hacks In Crypto

The odds of recovering all or most of the funds is generally pretty good. For the most part, crypto hacks aren’t as difficult to execute as saying cashing out hacked funds.

Because of the nature of blockchain — the tracking of each transaction being public — it’s very difficult to get away forever. Even the Bitfinex hackers were eventually found. Back in 2021, the Poly bridge hacker gave back the found claiming to be a white hat, but it’s likely they didn’t see a way to cash out his winnings. With the FBI involved, perhaps this motivates the Harmony hacker to reevaluate.

However, there’s no guarantee that these funds will be recovered. Also, even if they are recovered it could take quite some time.

Recommended: What is Harmony one?

Harmony Gives An Update On Bridge Hack

The Harmony team announced today that it has hired Chain Analysis as one of two security partners who will help uncover the details of their bridge hack. “Thank you in advance to Chainalysis for your support and hard work, and we look forward to bring this to a resolution,” Harmony said via Twitter.

Chainanalysis is the biggest blockchain forensics company out there, managing to stay around for over a decade. It helps governments, crypto businesses, and TradFi uncover all sorts of information from the blockchain, most often crime related. Harmony declined to name the other company they are working with.

The protocol later added, “Our efforts to review various options are done in parallel to the investigation. Additional time is needed as we explore these options but more will be shared in time. Thank you to everyone for your support and patience.”

While some had hoped for a quicker resolution, so far that hasn’t been the case. Some have criticized the small one million dollar bounty. Not to mention, time appears to be of the essence because the hacker(s) have apparently started using Tornado Cash, a service that helps launder crypto.

As of press time (06/28/22), Harmony’s ONE token is currently trading in the $0.02 USD range. The token has had a particularly rough time during this bear trend. It finds itself currently behind the likes Terra Luna, Safemoon, and Baby Dogecoin.

Harmony had a strong end of 2021 and the beginning of 2022 thanks to DeFi Kingdoms. However, it’s been hit hard by the DeFi Kingdoms scandal.

 


John Kaczur

Source link