A recent cyber attack on the cross-chain bridge of the US-based crypto startup Harmony has resulted in a massive theft of $100 million worth of cryptocurrencies. The attackers exploited the Horizon Bridge, which allows users to transfer their crypto assets between different blockchain platforms.
Attack Details
Last week, Harmony warned its users about a "malicious attack" on the Horizon Bridge. The attackers stole a substantial amount of crypto assets, including Ethereum (ETH), Binance Coin, Tether, USD Coin, and Dai. According to Elliptic, a London-based blockchain analysis provider, the hackers converted the stolen assets into 85,837 ETH through the use of Tornado Cash, a mixer commonly used for laundering illegally obtained cryptocurrencies.
Investigation and Attribution
Elliptic has published an analysis of the attack, which suggests that the hackers are linked to the notorious North Korean state-backed hacking group Lazarus Group. The firm notes that while no single factor proves the involvement of Lazarus in the Horizon Bridge attack, the group’s activities bear a striking resemblance to the current incident.
Chainalysis, another blockchain security firm working with Harmony to investigate the hack, has backed up Elliptic’s findings. According to Chainalysis, the attack on the Horizon Bridge shares similarities with previous hacking incidents attributed to Lazarus Group.
Lazarus Group’s History of Crypto Attacks
In April, the U.S. Treasury Department linked Lazarus Group to a massive theft of $625 million in cryptocurrency from the Ronin Network, an Ethereum-based sidechain used for the popular play-to-earn game Axie Infinity. This incident highlights the group’s increasing interest in decentralized finance (DeFi) services and cross-chain bridges.
Elliptic notes that Lazarus Group tends to focus on APAC-based targets, possibly due to language reasons. However, Harmony is based in the US, with many of its core team members having links to the Asia-Pacific region.
Harmony’s Response
In a series of tweets last Thursday, Harmony announced that it has begun a "global manhunt" for the individuals responsible for the $100 million theft. The company stated that it has notified all exchanges and law enforcement agencies, and is working closely with Chainalysis and AnChainAI to identify the perpetrators and recover the stolen assets.
Harmony also offered an ultimatum to the attackers, promising to drop its investigation if the funds were returned minus a $10 million bounty. Additionally, the company is offering $10 million for information leading to the safe return of the funds.
The Importance of Cybersecurity in Crypto
The theft of $100 million worth of cryptocurrencies from Harmony’s Horizon Bridge serves as a stark reminder of the importance of cybersecurity in the crypto space. As more and more users transfer their assets across different blockchain platforms, the risk of attacks like this one increases exponentially.
What Can Be Done to Prevent Such Attacks?
While it is impossible to completely eliminate the risk of cyber attacks, there are several measures that can be taken to mitigate them:
- Implement robust security protocols: Crypto startups and exchanges should prioritize implementing advanced security measures, such as multi-signature wallets and regular audits.
- Conduct thorough risk assessments: Organizations should regularly assess their systems for vulnerabilities and implement countermeasures to prevent attacks.
- Stay informed about emerging threats: The crypto community must stay vigilant and share information about new threats and attack vectors.
By prioritizing cybersecurity and staying informed about emerging threats, we can work together to build a safer and more secure crypto ecosystem.
