Harmony’s $100M Hack Was Due to a Compromised Multi-Sig Scheme, Says Analyst


On June 23, 2022, the Harmony development team announced that $100 million was siphoned from the Horizon bridge, and the project explained it was working with national authorities and forensic specialists. According to an account published by Polygon’s chief information security officer, Mudit Gupta, the Horizon bridge attacker allegedly took control of the multi-signature wallet used in Harmony’s bridge.

Harmony’s Multi-Sig Was Exploited, Polygon’s CSO Says; Harmony Protocol’s Founder Found Evidence That ‘Private Keys Were Compromised’

Three days ago, Harmony explained that it was attacked and the team witnessed $100 million siphoned from the Horizon bridge. “The Harmony team has identified a theft occurring this morning on the Horizon bridge amounting to approx. $100 [million],” Harmony tweeted on Thursday. “We have begun working with national authorities and forensic specialists to identify the culprit and retrieve the stolen funds,” the Harmony team added.

Following the exploit, the very next day, Polygon’s chief information security officer, Mudit Gupta, said that the bridge was a 2-of-5 multi-signature scheme, and anyone with 2 of the addresses can take control of it. “The hacker compromised 2 addresses and made them drain the money,” Gupta added. Gupta said that while the details aren’t public yet, he summarized what he believes took place during the hack. “The 2 addresses were likely hot wallets used to listen for and process legit bridging transactions,” Gupta explained.

“The attacker compromised the server(s) that these hot wallets were running on,” the Polygon CSO wrote on Friday. “Once inside the server, they could access the keys that were kept in plaintext for signing legit transactions. The server exploit was likely either SSH key compromise or social engineering. This is eerily similar to how Ronin was hacked.” The analyst further added:

This was not a ‘Blockchain Hack.’ It was a ‘Traditional Hack.’ I’ve been begging protocols to focus on traditional security too alongside blockchain security for months now…
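The analyst’s point is that a 2-of-5 threshold only counts if the five keys fail independently; when two of them sit as plaintext on the same signing server, compromising that one machine is enough. The model below is an added example written for this article, not code from Harmony, Polygon or the Horizon bridge: it takes a key-to-host placement and computes the “effective threshold”, the fewest hosts an attacker would need to compromise to collect enough keys, so an operator can audit whether the deployment still matches the on-chain k-of-n design. The host names, owner labels and the two sample layouts are constructed assumptions that only mirror the description quoted above.

```python
"""Effective security of a k-of-n multisig given where the signing keys live.

Constructed illustration: host names, owner labels and both layouts below are
assumptions, not details taken from the Harmony incident report.
"""
from collections import Counter
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Signer:
    address: str  # multisig owner address (placeholder label)
    host: str     # machine whose compromise exposes this key (plaintext on disk)


@dataclass
class Multisig:
    threshold: int                      # k: approvals needed to execute
    signers: list = field(default_factory=list)  # the n owners

    def __post_init__(self) -> None:
        if not 0 < self.threshold <= len(self.signers):
            raise ValueError("threshold must be between 1 and the number of signers")

    def can_execute(self, approving: set) -> bool:
        """True when the approving owner addresses meet the k-of-n threshold."""
        owners = {s.address for s in self.signers}
        return len(approving & owners) >= self.threshold

    def keys_per_host(self) -> Counter:
        """How many signing keys each host holds."""
        return Counter(s.host for s in self.signers)

    def effective_threshold(self) -> int:
        """Fewest hosts whose compromise yields at least `threshold` keys.

        Largest-first greedy is optimal here: every compromised host hands over
        all of its keys, and we only need the running total to reach k.
        """
        total, hosts = 0, 0
        for _, count in self.keys_per_host().most_common():
            total += count
            hosts += 1
            if total >= self.threshold:
                return hosts
        return hosts  # not reached while threshold <= number of signers

    def audit(self) -> list:
        """Findings where key placement undercuts the on-chain k-of-n design."""
        findings = []
        for host, count in self.keys_per_host().items():
            if count >= self.threshold:
                findings.append(
                    f"host {host} alone holds {count} keys: single point of failure")
        effective = self.effective_threshold()
        if effective < self.threshold:
            findings.append(
                f"effective threshold is {effective} host(s), "
                f"design threshold is {self.threshold} signers")
        return findings


def compromised_keys(ms: Multisig, hosts: set) -> set:
    """Owner addresses an attacker controls after compromising the given hosts."""
    return {s.address for s in ms.signers if s.host in hosts}


# Constructed layout mirroring the analyst's description: two hot-wallet keys
# on a single relayer server, three remaining keys on separate machines.
COLOCATED = Multisig(2, [
    Signer("owner-1", "hot-wallet-server"),
    Signer("owner-2", "hot-wallet-server"),
    Signer("owner-3", "signer-host-3"),
    Signer("owner-4", "signer-host-4"),
    Signer("owner-5", "signer-host-5"),
])

# Hardened layout: every key on its own host, so the 2-of-5 design holds.
SEPARATED = Multisig(2, [Signer(f"owner-{i}", f"signer-host-{i}") for i in range(1, 6)])


if __name__ == "__main__":
    for name, ms in (("co-located", COLOCATED), ("separated", SEPARATED)):
        print(f"{name}: effective threshold = {ms.effective_threshold()} host(s)")
        for finding in ms.audit():
            print("  finding:", finding)
    # One server compromise is enough to drain the co-located deployment.
    stolen = compromised_keys(COLOCATED, {"hot-wallet-server"})
    print("co-located, one host compromised, can execute:", COLOCATED.can_execute(stolen))
```

Running the audit over the co-located layout reports an effective threshold of one host, while the separated layout keeps it at two; the same check extends to any k and n, and to placements where several keys share a host without being enough on their own, since the greedy step sums keys across the hosts taken.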

Furthermore, an incident report written by the Harmony Protocol’s founder says “the team has found evidence that private keys were compromised, leading to the breach of our Horizon bridge — Funds were stolen from the Ethereum side of the bridge.” The Harmony founder also noted that “confidentiality is key to maintain integrity as part of this ongoing investigation — The omission of specific details is to protect sensitive information in the interest of our community.”

What do you think about the Harmony exploit for $100 million? Let us know what you think about this subject in the comments section below.
