Hack Track: Analysis of Harmony's Horizon Bridge Exploit
Contents
Hack Track: Analysis of Harmony's Horizon Bridge Exploit
Merkle Science
[Update 2022.07.10]
Our previous analysis showed that the exploiter had transferred the stolen crypto assets from the Horizon bridge to an address controlled by him via 9 transactions. Following that, the exploiter started swapping crypto assets such as WETH, SUSHI, AAVE, DAI, etc. into ETH via multiple smart contract calls. The exploiter then broke down 18k+ of the swapped ETH into smaller amounts and dispersed it into multiple wallets. Subsequently, he started moving funds into Tornado Cash.
As of July 10, 2022, the exploiter has moved roughly 85,700 ETH to Tornado. Cash: Router from 14 different addresses which were linked to the Harmony Bridge Exploit
Figure 1: Funds transferred to Tornado Cash by the Hacker
Depositing Stolen Funds into Tornado Cash
According to our analysis, the stolen funds were routed to Tornado Cash’s 100 ETH (T100) contract. We came to this conclusion by examining the spike in …
Merkle Science
[Update 2022.07.10]
Our previous analysis showed that the exploiter had transferred the stolen crypto assets from the Horizon bridge to an address controlled by him via 9 transactions. Following that, the exploiter started swapping crypto assets such as WETH, SUSHI, AAVE, DAI, etc. into ETH via multiple smart contract calls. The exploiter then broke down 18k+ of the swapped ETH into smaller amounts and dispersed it into multiple wallets. Subsequently, he started moving funds into Tornado Cash.
As of July 10, 2022, the exploiter has moved roughly 85,700 ETH to Tornado. Cash: Router from 14 different addresses which were linked to the Harmony Bridge Exploit
Figure 1: Funds transferred to Tornado Cash by the Hacker
Depositing Stolen Funds into Tornado Cash
According to our analysis, the stolen funds were routed to Tornado Cash’s 100 ETH (T100) contract. We came to this conclusion by examining the spike in …
IoC
0d043128146654c7683fbf30ac98d7b2285ded00
1Ec6F83b55C3F4CeFc630442716872BA15f16430
20dBCcD46eEF96A1b78383Cf0D26bB575EC00201
40eFc580e5cb5701797a762990D9E690108DADfD
432A9Cb4353bed67EC5351734d4a44C0826847Ae
4507AC1bdF4Ae5E61ffceC3A9AEDA312E2505970
58F4BACcb411ACef70A5f6DD174Af7854fc48Fa9
89f89D61644c6e606efb25A01210159f102FbD8b
8a0858888bEEb5D1435Ecd3657831699f169c3f4
9E91ae672E7f7330Fc6B9bAb9C259BD94Cd08715
1Ec6F83b55C3F4CeFc630442716872BA15f16430
20dBCcD46eEF96A1b78383Cf0D26bB575EC00201
40eFc580e5cb5701797a762990D9E690108DADfD
432A9Cb4353bed67EC5351734d4a44C0826847Ae
4507AC1bdF4Ae5E61ffceC3A9AEDA312E2505970
58F4BACcb411ACef70A5f6DD174Af7854fc48Fa9
89f89D61644c6e606efb25A01210159f102FbD8b
8a0858888bEEb5D1435Ecd3657831699f169c3f4
9E91ae672E7f7330Fc6B9bAb9C259BD94Cd08715