Harmony’s Horizon Bridge Breached by Hackers, Laundering $100 Million in Ethereum

What happened? 

The Harmony blockchain is a well-known trading platform where users can buy, sell, trade, and move cryptocurrencies throughout a variety of different blockchains. Blockchains are a crucial part of DeFi space, which allows users to transfer assets between many systems. According to cnbc.com, a hacker was able to breach the Horizon Bridge in the early hours of June 23, managing to steal around $100 Million worth of assets in cryptocurrencies such as Ethereum and ERC-20 tokens. It was later speculated on June 30 that the perpetrator(s) of the breach was part of the infamous Lazarus group, a North Koreanbased organization notorious for a variety of cryptocurrency scams and hacks in recent years.

Although exact information has not been released as of now, it is speculated that the hack was caused by a breach of the Horizon bridge’s multisignature key system. The Lazarus group is thought to have gained access to the private keys that authorize cryptocurrency transfers. The system implemented in the Horizon bridge requires only 2 out of 5 keys to allow a transaction to take place. With this breach, the hackers involved were able to quickly steal $100 Million of the $330 Million worth of Ethereum tokens stored in the wallets. As of the time of writing, Harmony has requested and received the aid of the FBI as part of an investigation to recover the stolen assets.

Who were the victims?

The Harmony blockchain is used by more than 10,000 users, and has a total value locked at $1 Billion. Since the attack, the worth of Harmony’s own cryptocurrency ONE has dropped by 27.37% as stated by coinbase.com. Many users affected by the Horizon Bridge attack have reached out and are waiting for answers on the fate of their stolen cryptocurrency.

How could it have been prevented?

With Eclypses MTE Technology, Harmony would have been able to eliminate its multisignature private key system, the main weakness of today’s blockchains and cryptocurrency sites. If a hacker is able to gain access to the private keys undetected, they gain unlimited access to funds, encrypted data, and much more. Due to private keys being the standard line of defense used by cryptocurrency companies, hackers have been able to find new ways to exploit their vulnerabilities.

If MTE Technology were used, the people authorized to monitor and take care of the crypto wallets would be given uniquely paired endpoints, which makes it impossible for outsiders to view the stored information and create a false transaction. With this technology, it ensures that only those who own or protect the wallets can ever see the data, thus reducing the risks of a breach to zero. 

Looking for more information? Contact our team today.   

Written by: Richard Vazquez