Harmony, a blockchain company, is now offering a $1 million bounty to the hackers who managed to steal upwards of $100 million in Ethereum tokens.
Harmony works as a bridge between different blockchains, offering cross-chain transfers with Ethereum, Binance and three other chains. Hackers attacked the proprietary Horizon Ethereum Bridge on June 23 and managed to extract $100 million worth of Ethereum tokens.
“Immediately following the attack, multiple cyber security partners, exchange partners, and the FBI were notified and requested to assist with an investigation in identifying the culprit and methods to retrieve stolen assets,” the company said immediately after the incident.
The company even tried to communicate with the hacker by embedding a message in a transaction to the culprit’s 0x address. It’s unclear whether the hacker responded.
Obvious questions remain: Is the platform secure? And how did they get $100 million? According to Harmony’s founder, Stephen Tse, the investigation found no evidence of any breaches of the smart contract codes or vulnerabilities in the Horizon platform.
From the looks of it, the attacker figured out a way to decrypt some private keys, take assets in the form of BUSB, USDC, ETH and WBTC, and swap them to ETH. Furthermore, the attacker made no effort to anonymize ownership of these assets, and the funds remain in place, for now at least.
“We commit to a $1M bounty for the return of Horizon bridge funds and sharing exploit information,” said the company in a Tweet. “Harmony will advocate for no criminal charges when funds are returned.”