Backup Header Below

Harmony’s $100M Hack Was Due to a Compromised Multi-Sig Scheme, Says Analyst

On June 23, 2022, the Harmony development team announced that $100 million was siphoned from the Horizon bridge, and the organization explained it was working with national authorities and forensic specialists. According to an account published Polygon’s chief information security officer, Mudit Gupta, the Horizon bridge attacker allegedly took control of the multi-signature wallet leveraged in Harmony’s bridge.

“The attacker compromised the server(s) that these hot wallets were running on,” the Polygon CSO wrote on Friday. “Once inside the server, they could access the keys that were kept in plaintext for signing legit transactions. The server exploit was likely either SSH key compromise or social engineering. This is eerily similar to how Ronin was hacked.” The analyst further added:

This was not a ‘Blockchain Hack.’ It was a ‘Traditional Hack.’ I’ve been begging protocols to focus on traditional security too alongside blockchain security for months now…

What do you think about the Harmony exploit for $100 million? Let us know what you think about this subject in the comments section below.


Other Press Releases