THE DAILY ENCRYPT

October 3, 2022

Analysts Say Hackers Had Taken Control of Harmony’s Multi Signature Wallet

Harmony blockchain was the victim of a $100 million fraud on its Horizon bridge. Security analysts believe the hacker was the first to gain control...
Photo by Milad Fakurian

Harmony blockchain was the victim of a $100 million fraud on its Horizon bridge. Security analysts believe the hacker was the first to gain control of bridge’s multi-signature wallet.

Harmony, a proof of-stake (PoS), blockchain lost $100,000,000 due to theft from its Ethereum-linked bridge.

An anonymous hacker stole many assets including ETH and BNB as well as USDT, USDC, USDT and DAI. These assets were previously connected via the Horizon bridge from Ethereum to Harmony blockchain.

Harmony responded by saying it was working with cyber security firms and law enforcement agencies. The team didn’t explain how the hack occurred.

Related Articles:  Binance Pushes Further Overseas and Set's up Base in New Zealand

Although the Harmony team has not yet provided an official post-mortem report, security experts have provided some insight into the hack. Mudit Gusta, Polygon’s chief information security officer said that the hacker gained access to the multisignature wallet used for deploying Harmony’s bridge.

Multi-signature wallets are smart contract accounts that have multiple private keys. They can be managed by several entities and not just one person. Gupta discovered that at least two of five private keys were required to access the bridge’s funds. The perpetrator might have taken two keys and gained control.

Related Articles:  Luxury Auction House Christie's Launches a NFT Platform C3.0

“The bridge was basically a 2 of 5 multisig. It would transfer funds to anyone it was told to by 2 addresses,” Gupta stated. “The hacker compromised two addresses and made the money disappear.”

CertiK is a smart contract security company that confirmed that the hacker actually targeted the bridge’s multisignature wallet. CertiK stated in a report on Friday that the attacker had “exploited” the MultiSigWallet owner to call confirmTransaction() to directly transfer large amounts tokens from the bridge.

Felipe Rodriguez

Felipe Rodriguez

Felipe states he has super powers, some argue that case but he does come up with some very clear predictions. Felipe is based in the US and frequently travels to Brazil where he was born. He is a journalist of the future and has a portfolio of crypto projects he has worked with. Felipe always says "The future doesn't scare me as much as the past, crypto is here to stay but only time will tell where it will take us".
Felipe Rodriguez

Felipe Rodriguez

Felipe states he has super powers, some argue that case but he does come up with some very clear predictions. Felipe is based in the US and frequently travels to Brazil where he was born. He is a journalist of the future and has a portfolio of crypto projects he has worked with. Felipe always says "The future doesn't scare me as much as the past, crypto is here to stay but only time will tell where it will take us".

© 2022 The Daily Encrypt. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

Latest News
PRESS RELEASES