Harmony to offer $1 mln bounty to the attacker to return funds
The hacker rejected Harmony’s offer of 1 percent of the stolen funds from the Horizon Bridge
By Shashank Bhardwaj
On Thursday, Harmony, the Layer -1 blockchain’s main bridge to Ethereum, Bitcoin and Binance Chain, got hacked. Horizon Bridge was exploited for $100 million in altcoins that were being swapped for Ether crypto. However, the Bitcoin bridge was not touched in this attack.
On June 25, in an incident response update, Harmony ecosystem founder Stephen Tse, in his tweet, notified that the hack was a result of private keys being compromised. The attackers did not hack the bridge by breaching a smart contract code.
On June 26, the Harmony team announced in a tweet a bounty of 1 percent of the stolen figure, which is $100 in crypto and no criminal charges on the return of funds that were stolen from the Horizon Bridge.
However, the hackers rejected the comparatively small amount offered as a bounty. They had started moving the stolen funds to the Tornado Cash Ethereum mixer the day after. On Tuesday, 03:10 a.m. EST (12:40 p.m. IST), a total of 18,036.3 Ether ($21 million) was moved out of the Horizon Bridge hacker’s primary wallet.
These funds were divided into three equal parts and transferred to three different addresses. Two of these wallets have already been mixed, and the third wallet is on the way, sending batches of 100 ETH each to Tornado every eight minutes. Ether worth $80 million is still in the primary wallet of the hacker, which could be either returned to the Horizon bridge or may be moved to TOrnado after a break.
In response to the modest bounty offered by Harmony, Degen Spartan, a crypto asset trader, tweeted $1 million as an “insulting amount”. He added, “These people are just doing performance art to mitigate legal liability.”
According to Tse, since the hack, the bridge on Ethereum’s side has shifted to a 4-5 multisig. A multisig is a crypto asset wallet that requires several key holders to approve any transaction on the platform.
The exploitability of a multisig wallet that requires two of the five signers to approve a transaction was highlighted in April. However, the matter has not been dealt with yet. Initially, the exploited value of Ether crypto was $100 million, but the positive movements in the crypto-asset market have increased the value of the stolen funds to $101.5 million.
Shashank is the founder of yMedia. He ventured into crypto in 2013 and is an ETH maximalist. Twitter: @bhardwajshash