A Layer 1 blockchain called Harmony said that it has discovered a $100 million-or-so vulnerability that was aimed at their Horizon bridge.
To find the hacker and try to recover the stolen assets, the Harmony team has started collaborating with “national authorities and forensic professionals.” California is the home of Harmony.
In order to avoid users from losing further money, Harmony has stopped the functioning of its Horizon bridge. In addition, it has informed centralized exchanges about the vulnerability in order to block the attacker from exchanging the stolen assets.
It claimed that because the funds are kept in decentralized vaults, there has been no influence on its trustless BTC bridge.
Harmony’s Horizon Bridge lost various assets
Asset transfers across Harmony and the Ethereum and BSC networks are facilitated via Horizon’s bridge. In addition to the stablecoins Dai, Tether, USD Coin, Binance USD, and Frax, the hacker also nabbed Wrapped Ether, Ethereum, Wrapped Bitcoin, Binance Coin, Aave, Sushi, and AAG.
The hacker has already started exchanging some of the ERC-20 tokens for Ether via the Uniswap decentralized exchange, according to a tweet from cryptocurrency tracking service MistTrack.
Almost $98.9M worth of Ether, $1.16M worth of BNB, $777,800 worth of ERC-20 tokens, and $640,307 worth of BUSD are now stored in the attacker’s wallets.
In April, Chainstride Capital founder Apedev stated that the bridge’s security was totally based on a two-of-four multi-signature wallet, raising concerns about its security.
The values of all the stolen coins and tokens have not changed much, suggesting that the market has not yet reacted to the attack. However, over the previous 24 hours, ONE has plummeted 10%, with the most of the decline occurring in the last 5 hours. According to CoinGecko, it is now trading at $0.02413.