Recently, a group of cybercriminals have managed to heist approximately $100 million worth of cryptocurrency from a blockchain company called Harmony. The company issued a statement saying they had already reported the incident to the FBI, which is now investigating it alongside cybersecurity companies.
Harmony’s Horizon Bridge enables users to transfer their cryptocurrency funds from one blockchain to another. The company temporarily stopped the bridge after the incident to prevent more transactions from being completed.
Rumours have it that the company is willing to give $1 million as a bounty to anyone who can return the funds.
The heist in the Harmony blockchain was not caused by any breach, which puzzled researchers.
The cybersecurity response team that tends to the issue announced that they had not found evidence of any intrusion in Harmony. Moreover, vulnerabilities or smart contract codes on the Horizon platform did not indicate exploitation.
Additionally, Harmony revealed that the layer in their blockchain is still secure despite the recent loss.
According to a representative, the incident response team deployed discovered that the private keys of their company were compromised. The most affected side of the bridge is from Ethereum.
Furthermore, the private keys were encrypted and stored by Harmony, with the keys encrypted again through passphrase and key management service. Oddly enough, no single device had access to multiple plaintext keys.
Therefore, the attackers could access and decrypt several of these keys, including the already used ones, to sign the unauthorised transactions and swipe funds in USDC, ETH, WBTC, and BUSB.
All assets were then swapped to Ethereum and remained on the adversary’s account on the ETH network. On the brighter side, investments have not been anonymised in ownership since the attacker has not made a move.
Unfortunately, a blockchain security researcher disclosed a detailed analysis of the event and confirmed that the threat actors managed to access the owners of Horizon’s multiSig wallets. This intrusion paved the way for draining the funds from Harmony and caused millions of losses.
