Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
View Regular
SunSec Profile picture
SunSec
@1nf0s3cpt
CISO @xrexinc | Founder @DeFiHackLabs Web3 Security Community.

Jun 24, 2022, 8 tweets

Hackers exploited a vulnerability to steal 85,837 ETH (appr. $100 million) from Harmony's Horizon Bridge.

All the tokens drained to this address
etherscan.io/address/0x0d04…

Bridge address:
0x2dccdb493827e15a5dc8f8b72147e6c4a5620857
#harmonyprotocol

First exploited since block 15012646, transfered 13,100 Ether.
TransactionID: 21106
etherscan.io/tx/0x27981c728…

Confrimed by two wallets. 2 of 5 approval will trigger transaction.
0xf845A7ee8477AD1FB4446651E548901a2635A915
0x812d8622C6F3c45959439e7ede3C580dA06f8f25

You can check @harmonyprotocol transaction details here:
etherscan.io/address/0x715c…

Lazarus? 👀

Harmony bridge address:
etherscan.io/address/0x2dcc…

Harmony multiSig wallet: etherscan.io/address/0x715c…

Attacker's EOA addresses
0x0d043128146654C7683Fbf30ac98D7B2285DeD00
0x9E91ae672E7f7330Fc6B9bAb9C259BD94Cd08715

Harmony's Horizon Bridge - Private key compromised case of Multisig wallet poc.
To learn multisig wallet process.
github.com/SunWeb3Sec/DeF…
#Defi #HarmonyONE

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling