Harmony Hackers Begin Laundering Ethereum Stolen From Horizon Bridge

The robbers have sent $36 million of the $100 million in stolen Ethereum to a mixing service.

Harmony Hackers Begin Laundering Ethereum Stolen From Horizon Bridge

According to PeckShield The hackers responsible for stealing $100 million in altcoins from Harmony Protocol's Horizon bridge have begun to launder the funds.

The hackers sent their transactions from the address used in the June 23rd hack totaling around 30k ETH to the mixing service Tornado Cash, with $64 million still in the hacker's Ethereum Wallet, according to a blockchain breakdown by the blockchain security company.

Harmony is a Layer 1 proof-of-stake blockchain launched in 2019. its Horizon bridge allows users to send cryptocurrencies between blockchains like Harmony's network and Ethereum, Binance Chain, and Bitcoin. 

Crypto mixing services allow users to conceal the origins of their cryptocurrencies by pooling significant amounts of coins in a single pool and mixing them a process commonly used to launder illicitly acquired tokens. 

Hack, $100 million in Wrapped Ethereum AAVE, SUSHI, DAI, Tether, and USD Coin were stolen and then swapped for Ethereum. 

Though initially reported as an exploit of the Harmony protocol, the company has since declared that it has "found no evidence in any breaches of our smart contracts codes nor vulnerabilities on the Horizon platform"

The Harmony protocol hack is the latest in multimillion-dollar thefts targeting DeFi protocols in March, hackers linked to North Korea stole $622 million from Axie infinity's Ethereum sidechain. 

Harmony Protocol offered a $1 million bounty for the return of the bridge funds, saying on Twitter that the company would not advocate for criminal charges if the funds were returned.

Harmony assured its users that the theft did not impact its BTC bridge and that the company was working with national authorities and forensic specialists to identify the culprit and retrieve the funds. Also, Harmony increased its security measures. 

"We have migrated the Ethereum side of the Horizon bridge to a 4 to 5 multisig since the incident" Harmony founder Stephen tweeted, which means that at least four of five separate private keys will be needed to sign and authorize transactions. "We will continue taking steps to further harden our operations and infrastructure security."

Related: Crypto.com Will Now Allow Users To Buy Crypto With Apple Pay