The voice of reason for this hacker? – Unfortunately, it is rare in the cryptosphere for a week to go by without a smart contract flaw bringing news of a hack. At the end of last week, it was the bridge between Harmony (ONE) and Ethereum (ETH) that was drained of 85,860 ethers. The project is going all out by offering the hacker a bounty.
A hack enabled by the compromise of private keys
On Friday, June 24, 2022, the Harmony Protocol team announced the loss of approximately $100 million in ether on the Horizon bridge. The bridge allows crypto-assets to be exchanged from one blockchain to another, in this case between Harmony and Ethereum.
According to The Block, which reports the words of Mudit Gupta, Polygon (MATIC) IT Security Manager, the attacker reportedly took control of a particular multi-signature wallet, the one used to deploy the Harmony bridge. The hacker would then have changed the code of this bridge protocol in order to siphon off the funds.
The founder and CEO of Harmony, Stephen Tse, also confirmed on June 26 that the private keys giving access to this multisig wallet had indeed been compromised:
“The team found evidence that the private keys were compromised, which led to the attack on our Horizon bridge. The funds were stolen from the Ethereum side of the bridge.”
$1 million to recover Harmony bridge coins
Given the scale of the theft, the Harmony team is reportedly ready to wipe the slate clean if the hacker returns the funds. A $1 million bounty for the hacker, should they have a change of heart, was even announced on the project’s official Twitter account:
“We are committing to paying a $1 million bounty for returning funds from the Horizon Bridge and sharing exploitation information [of the flaw]. (…) Harmony will plead for no criminal charges to be brought when the funds are returned.”
At the time of writing, the attacker has apparently not responded to Harmony’s proposal.
If the ONE blockchain teams hope to see the funds of their Horizon bridge again, things may not go as well as they did for Optimism (OP). In that case, after a hack that diverted 20 million OP tokens, the hacker returned 17 million OP while keeping a large bonus.