Harmony Offers $1 Million Reward: A Desperate Attempt to Recover the Stolen $100 Million
Evening
So we have a latest development regarding the recent Harmony's Horizon Bridge mega hack. Harmony whose Horizon bridge was hacked for $100 million dollar two days ago, is offering $1 million reward money for information leading to the return of of stolen funds. Harmony's official twitter handle made the announcement today. Harmony also assured that they won't press criminal charges if funds get recovered.
We commit to a $1M bounty for the return of Horizon bridge funds and sharing exploit information.
โ Harmony ๐ (@harmonyprotocol) June 26, 2022
Contact us at [email protected] or ETH address 0xd6ddd996b2d5b7db22306654fd548ba2a58693ac.
Harmony will advocate for no criminal charges when funds are returned.
Harmony's multichain Horizon bridge was exploited two days ago as hacker managed to get a hold of two out of four signees require to approve transactions, and resultantly drained the bridge wallet of $100 million worth tokens. The mega hack adds to the list of recent crypto bridge exploits e.g. Solana Wormhole and Axie Ronin Bridge hacks.
Recent multiple million dollar crypto bridge exploits are an indicator of inherent vulnerability that the multiple sig validation system presents, leading to a 51% attack. In case of Ronin only 5 out of 9 validators were required to verify the transactions and hacker managed to get hold of 5 validator signatures. In case of Harmony the validator signees required were even lesser, only 2.
What does Harmony's Offer Means? Harmony's $1 million bounty can be taken as an indication that the hacker didn't turned out to be white hat, so they are offering reward money to close associates or friends of hacker to snitch upon them. They are also assuring no legal action in case of return of stolen funds, a way of pursuing any reluctant witness to come forward.
What are the Chances of Recovery? Well honestly as we have witnessed in past, chances of funds recovery in these kind of exploits are always thin, unless un till the hacker himself come forward voluntarily. Most of the time behind these multi-million exploits is a well coordinated by a professional group of hackers. In Ronin's case infamous North Korean Lazarus group of hackers was involved. So, any chances of funds recovery by bounty provocations like this one are always slim. Harmony have confirmed that they have identified the exploiter's wallet and are coordinating with law enforcement to help tract the perpetrator. But considering the jurisdictional limitations any chances of apprehending the perpetrators are also close to zero.
For now it is safe to assume that the Harmony's stolen $100 million are gone for good. And instead of focusing on tracking the hacker, Harmony's should focus more on security of their systems.
I would only term the reward offering as a desperate attempt on Harmony's part!
Posted Using LeoFinance Beta
