FBI Probes $100 Million Blockchain Theft from Harmony Company: Investigation Update & Insights


FBI investigating $100 million theft from blockchain company Harmony

Harmony Suffers $100 Million Cryptocurrency Theft

Blockchain company Harmony reported that approximately $100 million in cryptocurrency was stolen from its platform on Thursday evening. The Federal Bureau of Investigation (FBI) is now involved in the investigation, working alongside several cybersecurity firms to address the breach.

Understanding Cross-Chain Bridges

Cross-chain bridges, which facilitate the transfer of tokens, assets, smart contract instructions, and data across different blockchains, have become increasingly vulnerable to cyberattacks in recent months. Exploits targeting these bridges have resulted in significant financial losses, amounting to millions of dollars.

Measures Taken by Harmony

Harmony, a platform that enables users to send cryptocurrencies, stablecoins, and non-fungible tokens (NFTs) between various blockchains including Ethereum and Binance Smart Chain, has taken immediate action by notifying other exchanges and halting operations on the Horizon bridge to prevent any further transactions. In a tweet, the Harmony team confirmed the theft and stated, “We have begun working with national authorities and forensic specialists to identify the culprit and retrieve the stolen funds.”

Details of the Attack

The hackers managed to steal approximately 85,837.252 Ethereum during the breach. Harmony stated, “We have also notified exchanges and stopped the Horizon bridge to prevent further transactions. The team is all hands on deck as investigations continue.”

Security Concerns Raised by Experts

PeckShield, a blockchain security firm, reported that the attackers likely compromised private keys, which allowed them to validate fraudulent transactions. They noted that the Harmony bridge operates on a “2-out-of-4 multisig” system, so the hackers could control the funds once they had access to the requisite private keys.

Criticism of Harmony’s Security Protocols

CertiK, another blockchain security company, confirmed that once the attackers gained access to the owners of Horizon’s multisig wallets, they began to drain significant amounts of altcoins from Harmony. Experts are still investigating how the hackers gained access to the multisig wallets, and CertiK criticized Harmony for a security design that requires only two signatures to validate a transaction. They stated, “Horizon’s system of only requiring two out of four signatures has raised concerns in the past. Having only two signatures required to access such privileged controls is a glaring security vulnerability, and naturally makes an enticing target for a hacker.”

Comparisons to Other High-Profile Hacks

This incident bears resemblance to the Ronin Bridge hack that occurred in March, where a hacker stole $600 million after gaining control of the necessary nodes for withdrawal validation. Harmony experienced a similar exploitation in January, and experts have long warned about the vulnerabilities inherent in the company’s security framework. One expert had previously indicated that compromising just two of the four multisig signers could lead to “another 9-figure hack.”

The Growing Problem of Blockchain Bridge Attacks

Attacks on blockchain bridges have surged in frequency over the past year. In addition to the Ronin Bridge incident, a hacker exploited a vulnerability in the Wormhole cryptocurrency platform in February, resulting in the theft of roughly $322 million in Ether. A week prior, another hacker stole $80 million from Qubit Finance through a similar method.

The Need for Improved Security in Web3

“The fact that we are again seeing such huge losses from attacks on cross-chain bridges is a reminder of the significant demand for this kind of infrastructure in web3, as well as the severe and persistent security vulnerabilities they face,” remarked CertiK CEO Ronghui Gu. He emphasized that addressing the security issues associated with cross-chain bridges is crucial for the establishment of a secure web3 ecosystem in the future.