Horizon Hack Sees $100m Stolen From Crypto Bridge

The heist is the latest in a string of hacks on crypto bridges, combined losses of which now total over $1 billion.
Aaron Drapkin

Around $100m in cryptocurrency was stolen from the Horizon blockchain bridge recently, with a compromised private key to a crypto wallet thought to be behind the theft.

Blockchain bridges, which are used to transfer assets between different chains, have been at the center of several high-profile crypto hacks in recent years, leading major figures in the crypto world to advise against using them completely.

Private keys are used to secure crypto wallets, and password managers are considered one of the most secure places to store such keys.

Horizon’s Bridge is Burned

“The Harmony team has identified a theft occurring this morning on the Horizon bridge amounting to approx. $100MM [$100 million]” the company revealed on Twitter at the end of last week.

“We have begun working with national authorities and forensic specialists to identify the culprit and retrieve the stolen funds” they added.

Horizon said it had temporarily paused the Horizon bridge to stop further transactions and assured users that the team was “all hands on deck” for the investigation.

What Is a Blockchain Bridge?

Harmony is a “blockchain bridge” – effectively a way of transferring assets between blockchains. Harmony acts as the bridge between the Ethereum network and the Binance Smart chain.

Vitalik Buterin, the co-founder of the Ethereum network, commented back in January that on the whole, blockchain bridges are insecure. He advised retaining all crypto assets on their native chain to avoid the risk.

Axie Infinity’s Ronin Bridge was hacked earlier this year to the tune of around $540m, with various other bridge hacks having taken place, including a $625m theft from the Poly Network bridge in August of last year and a $320m hack of the Wormhole bridge in February 2022.

To put it simply, bridges have increased the attack surface for hackers. But they’re also newer and have a much smaller development community, so the code hasn’t been scrutinized with the same intensity.

How Unsecured Crypto Wallets Lead to Theft

Although the full explanation of how the money was stolen in this case remains unclear, some researchers have suggested that it could all be down to a “private key compromise”.

The harmony bridge is secured by four multi-signature wallets, with authentication required from two out of four for a transaction to be executed.

A lot of large-scale crypto scams arise because hacks are able to obtain private keys needed to access crypto wallets. The existence of ‘hot wallets’ – crypto accounts that are always connected to the internet/cryptocurrency networks – creates further risks.

Why Using a Password Manager Is Advised

Password managers like LastPass are a great way to securely store the keys to your crypto wallet – much like the passwords to other accounts you own.

Not only will it mean you don’t have to remember it – reducing the risk that you’ll lock yourself out of your own account – but it means it’ll be secured with another password. With credentials for other accounts you own, it'll mean you'll be able to create sufficiently long passwords without having to keep track of them all.

Password managers are particularly good tools to encourage employees to use for their business account passwords, particularly if you're working with sensitive and confidential data on a day-to-day basis.

Nowadays, one weak password can compromise a whole company network – or blockchain bridge. Both can be financially disastrous – so make sure you use software programs and apps that are designed to help.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Aaron Drapkin is a Senior Writer at Tech.co. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol three years ago. As a writer, Aaron takes a special interest in VPNs and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, The Week, and Politics.co.uk covering a wide range of topics.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals