Harmony, a blockchain bridge that helps facilitate transfers between different cryptocurrency tokens, recently announced that $100 million in cryptocurrency was stolen from its Horizon bridge on Thursday morning. In a blog post detailing the events, Harmony explained that its Horizon Ethereum Bridge fell victim to a “malicious attack.”
“Multiple transactions occurred that compromised the bridge with 11 transactions that extracted tokens stored in the bridge,” reads Harmony’s statement.
Blockchain analytics firm Elliptic told Techcrunch that a number of different cryptocurrency tokens were stolen as a result of the compromised bridge. According to Elliptic, Ethereum, Binance Coin, Tether, USD Coin and Dai were all part of the hackers’ haul. The stolen tokens have already been converted to Ethereum by the hacker via crypto exchanges.
Harmony says it contacted the FBI as well as cybersecurity and exchange partners. Harmony also says that its Bitcoin bridge wasn’t affected by the exploit.
While Harmony has not yet shared details of the exploit, Twitter user Ape Dev pointed out a weakness in the security of the bridge as early as April. According to Ape Dev, hackers only needed to gain access to two multisig private keys to authorize the transfer of funds.
This is far from the first time a blockchain bridge weakness was exploited by bad actors. In fact, this $100 million lost here is actually on the low-end compared to some other thefts from just this year alone.
Play-to-earn game Axie Infinity had its Ronin blockchain bridge hacked in March resulting in a whopping $615 million in stolen assets. Just a month earlier, the Wormhole bridge was compromised, leading to $320 million in losses.