Harmony Places a $1 Million Bounty on Stolen funds
- Harmony protocol is working with top cybersecurity experts to recover the stolen funds.
- Over $1 billion has been stolen from crypto platforms in 2022.
The Proof of Stake blockchain, Harmony Protocol, has moved to recover its stolen funds and has placed a $1 million bounty for the return of funds, promising not to press charges should the money be returned. Harmony’s Horizon Bridge recently suffered a hack, losing about $100 million in the process. The platform became the latest protocol to suffer loss in the hands of crypto hackers.
Twitter users expressed varying opinions on Harmony’s decision to offer a $1 million bounty while the hacker is in possession of $100 million worth of Ethereum tokens. Some believed that the hacker would most likely not risk exposure by communicating with the team. However, others noted that the offer was the best choice the hacker has.
Harmony further assured its community of steps taken to recover the funds and bring normalcy back to the protocol. In a thread of tweets, the platform noted that it had a group of well-experienced individuals around the world investigating the case. It wrote in the tweet,
Our investigation team is comprised of engineers located around the world including the US, Greece, India, and Cambodia. Team members handed off their findings to our US colleagues at 8:30 AM PST who have resumed the investigation alongside our cyber security partners.
Harmony Protocol’s founder and CEO, Stephen Tse has been actively updating the community on the situation as well as sharing details about the hack. In one of his tweets, Stephen explained that,
Incident response has found no evidence of smart contract code breach. No evidence of any vulnerability on the Horizon platform was found. Our consensus layer of the Harmony blockchain remains secure. The team has found evidence that private keys were compromised, leading to the breach of our Horizon bridge. Funds were stolen from the Ethereum side of the bridge.
Stephen further noted that Harmony encrypted the private keys and saved them. According to the tweet, the protocol used a password and a key management service to ensure that the keys were double encrypted. Unfortunately, some of these keys, that were used to sign the fraudulent transactions, were accessible to and decrypted by the attacker. The hacker made away with assets in ETH, USD, WBTC, and USDC.
The Horizon bridge enables the exchange of coins from several blockchains. Harmony said it is working with national authorities and forensic professionals to find the perpetrator and retrieve the stolen funds.
Harmony’s Attack Raises More Questions About Security
Harmony’s attack is not only a concern for its users but for the whole crypto ecosystem. It raises questions over the security of most protocols involved in bridging funds. Hackers seem to have found ways to exploit these crypto platforms and it is becoming a frequent event. Reports state that over $1 billion has been stolen in crypto since the year began These figures call for concern and urgent security measures.