Another crypto bridge company was hacked, with tens of thousands of valuable Ethereum tokens stolen in a major heist.
The attack is the work of an as-yet-unknown cybercriminal who managed to extract 85,867 Ether tokens from the Harmony bridge, worth approximately $105 million at press time.
A bridging company offers the service of transferring coins between different chains, a service that has become extremely popular in the last couple of years. At the same time, these companies have become prime targets for cybercriminals everywhere as they are often coded with insufficient security, resulting in theft. (opens in new tab).
Earlier this year, a similar company called Wormhole was also breached, with the attackers getting away with $320 million worth of tokens. Soon after, the Ronin Network, a cryptographic bridge company owned by the owners of the game Axie Infinity, was also compromised and ended up losing $620 million.
A “humiliating” incident
Describing the incident in a Medium post, Harmony contributor Matthew Barrett said the company had notified security. (opens in new tab) and switch partners immediately, just like the FBI. The hope, he said, was to find the culprit and recover the funds, before they were laundered into crypto-asset services (essentially crypto-laundering services).
“Harmony believes that focusing on decentralized bridges is an essential step for Web3,” he said. “This incident is a humble and unfortunate reminder of how paramount our work is to the future of this space and how much of our work is still ahead of us.”
Most cryptographic bridges are audited by blockchain security companies, and Harmony was no different. He passed the audit in October 2020, which was conducted by Peck Shield. Still, the security company said it couldn’t guarantee with 100% certainty that the protocol was airtight.
With over 20,000 cryptocurrencies operating on multiple chains, interoperability between these chains has never been more important. And with a lot of money in operation, the network terminals (opens in new tab) will continue to be a major target for crypto-criminals.
Through: The register (opens in new tab)