Harmony Bridge
Contents
Harmony Bridge - REKT
Harmony has hit a bum note.
To the tune of $100M.
This is the 3rd bridge in the top 10, and the second drained via compromised private keys.
Over 14 hours after the first funds began to move, the theft was announced.
Were nine figures really secured by just two signatures?
Credit: RugDocIO, BeosinAlert
The Harmony Bridge was secured by a 2 of 5 multisig, of which the following addresses were compromised:
0xf845A7ee8477AD1FB4446651E548901a2635A915
0x812d8622C6F3c45959439e7ede3C580dA06f8f25
The attack vector which allowed the hacker to take control of these addresses remains unknown, though some have speculated that they were hot wallets with private keys kept in plaintext.
If an attacker managed to gain access to the servers running these hot wallets, they would have access to the two addresses necessary to pass any transactions they like, such as draining $100M from the bridge.
Exploiter address: 0x0d043128146654c7683fbf30ac98d7b2285ded00
Harmony ETH Bridge: 0xf9fb1c508ff49f78b60d3a96dea99fa5d7f3a8a6
Harmony ERC20 Bridge: 0x2dCCDB493827E15a5dC8f8b72147E6c4A5620857
Harmony BUSD Bridge: 0xfd53b1b4af84d59b20bf2c20ca89a6beeaa2c628
Beginning at 11:06 UTC, the hacker sent …
Harmony has hit a bum note.
To the tune of $100M.
This is the 3rd bridge in the top 10, and the second drained via compromised private keys.
Over 14 hours after the first funds began to move, the theft was announced.
Were nine figures really secured by just two signatures?
Credit: RugDocIO, BeosinAlert
The Harmony Bridge was secured by a 2 of 5 multisig, of which the following addresses were compromised:
0xf845A7ee8477AD1FB4446651E548901a2635A915
0x812d8622C6F3c45959439e7ede3C580dA06f8f25
The attack vector which allowed the hacker to take control of these addresses remains unknown, though some have speculated that they were hot wallets with private keys kept in plaintext.
If an attacker managed to gain access to the servers running these hot wallets, they would have access to the two addresses necessary to pass any transactions they like, such as draining $100M from the bridge.
Exploiter address: 0x0d043128146654c7683fbf30ac98d7b2285ded00
Harmony ETH Bridge: 0xf9fb1c508ff49f78b60d3a96dea99fa5d7f3a8a6
Harmony ERC20 Bridge: 0x2dCCDB493827E15a5dC8f8b72147E6c4A5620857
Harmony BUSD Bridge: 0xfd53b1b4af84d59b20bf2c20ca89a6beeaa2c628
Beginning at 11:06 UTC, the hacker sent …