Jun 27, 2022 Camille A. Hanard

Harmony announces a $1 million bounty to recover stolen funds

Two days after the Horizon bridge exploit, the Harmony team announced they will grant $1 million bounty for the return of $100 million worth of digital assets and for sharing information on the exploit. Harmony also assures that no criminal charges will be taken against the attacker if the stolen assets are returned.

The crypto community, however, has doubted that this measure will incentivize the attacker to cooperate pointing at the modest bounty rewards constituting only 1% of the stolen amount. 

Following the incident, the founder of Harmony Stephen Tse wrote on Twitter that the exploit did not happen due to a smart contract bug. “The team has found evidence that private keys were compromised, leading to the breach of our Horizon bridge. Funds were stolen from the Ethereum side of the bridge”. 

In addition, Tse claims that Harmony’s private keys were doubly encrypted using a passphrase and a key management service. However, the attacker managed to access and decrypt some of these private keys to sign unauthorized transactions.

As of the time of this writing, the attackers had just started moving some of the stolen funds, with $22 million of them already transferred to another wallet from which they are being syphoned to a Tornado Cash intermediary address.

Author:

Camille A. Hanard

Camille A. Hanard

Last updated: Jul 19, 2022

Recent news:

Video Tutorials