So-called blockchain bridges have become a major target for hackers seeking to exploit vulnerabilities in the world of decentralized finance.
Jakub Porzycki | NurPhoto | Getty Images
Hackers are the latest major robbers in the world of decentralized finance, stealing $ 100 million of cryptocurrencies from the so-called blockchain bridge, Horizon.
The details of the attack are still inadequate, but Harmony, the developer of Horizon, said he identified the theft on Wednesday morning. Harmony has picked out an account for an individual who believes to be the culprit.
“We’ve been working with authorities and forensic experts to identify the culprit and start collecting the stolen money,” the startup said in a tweet late Wednesday.
In a follow-up tweet, Harmony said he was working with the Federal Bureau of Investigation and several cybersecurity companies to investigate the attack.
Blockchain bridges play a big role in DeFi space, providing a way for users to transfer assets from one blockchain to another. For Horizon, users can send tokens from Ethereum Network to BinanceSmartChain.Harmony said the attack did not affect another bridge Bitcoin..
Like other aspects of DeFi aimed at rebuilding traditional financial services such as blockchain loans and investments, bridges have become a major target for hackers due to vulnerabilities in the underlying code. I am.
According to Jess Symington, research leader at blockchain analytics firm Elliptic, the bridge “maintains a lot of liquidity” and is an “attractive target for hackers.”
“Assets are locked on one blockchain and unlocked or mint on another blockchain so that individuals can use the bridge to transfer funds,” says Symington. “As a result, these services hold a large amount of crypto assets.”
Harmony does not reveal exactly how the money was stolen. However, one investor has expressed concern about the security of the Horizon Bridge as far back as April.
The security of the Horizon bridge relied on a “multisig” wallet that required only two signatures to initiate a transaction. Some researchers speculate that this breach is the result of a “private key breach.” The hacker has obtained one or more passwords needed to access the cryptocurrency wallet.
Harmony’s comments weren’t immediately available when CNBC contacted me.
This follows a series of notable attacks on other blockchain bridges. Ronin Network, which supports the crypto game Axie Infinity, Lost more than $ 600 million Due to a security breach that occurred in March. Another popular bridge, the wormhole, Lost more than $ 320 million In another hack a month ago.
Robbery has recently been added to the negative news stream of cryptocurrencies.Cryptocurrency lenders Celsius and Babel Finance Frozen at the time of withdrawal Liquidity became tight after the value of their assets plummeted.Meanwhile, the embarrassed crypto hedge fund Three Arrows Capital Can be set to default $ 660 million loan from a brokerage firm Voyager Digital..