Connect with us
Active Currencies 16229
Market Cap $3,485,645,423,673.70
Bitcoin Share 54.98%
24h Market Cap Change $-3.42

Token bridge Nomad drained of <$200M after latest exploit

3min Read

Share this article

On Monday, the Nomad cross-chain token bridge was attacked, and the attackers practically drained the protocol of all its cash. Nearly $200 million worth of cryptocurrencies were lost as a result of the hack.

Like other cross-chain bridges, Nomad enables users to transfer tokens back and forth between several blockchains. The attack on Monday is the most recent in a line of widely reported instances that have raised concerns about the safety of cross-chain bridges.

According to DeFi tracking platform DeFi Llama, almost all of the bridge’s $200 million in cryptocurrencies has been taken, leaving only $651.54 in the wallet.

Nomad then later claimed that some of the money had been taken out by “white hat pals” who did it to protect them.

So, how did this happen?

Bridges typically function by reissuing tokens in “wrapped” form on a different chain after locking them up in a smart contract on one network. The wrapped tokens lose their backing if the smart contract where they were initially deposited is compromised. This is what happened in Nomad’s case, making them worthless.

A researcher at the cryptocurrency investment company Paradigm, @samczsun, explained on Twitter that a recent change to one of Nomad’s smart contracts made it simple for users to counterfeit transactions. The Nomad bridge may thus be used by users to withdraw money that did not genuinely belong to them.

The Nomad attack was free for all, unlike some bridge attacks where a single perpetrator is responsible for the entire vulnerability.

 

The incident saw WBTC, Wrapped Ether (WETH), USD Coin (USDC), Frax (FRAX), Covalent Query Token (CQT), Hummingbird Governance Token (HBOT), IAGON (IAG), Dai (DAI), GeroWallet (GERO), Card Starter (CARDS), Saddle DAO (SDL), and Charli3 (C3) tokens being drained out from the bridge.

Beware of Impersonators!

After learning about the issue, Nomad informed its users about it. Additionally, the business warned users to watch out for imposters. Nomad tweeted,

“We’re aware of impersonators posing as Nomad and providing fraudulent addresses to collect funds. We aren’t yet providing instructions to return bridge funds. Disregard comms from all channels other than Nomad’s official channel.”

The MoonBeam network has essentially been put on hold while the team investigates. As a result, interactions between smart contracts and normal transactions using MoonBeam will no longer be possible.

At least one person has publicly stated their intention to pose as a white hat hacker who will restore the money taken from the bridge so far. In fact, Nomad was contacted by one user who tweeted,

“It’s a white hack, I guess. I’m going to give the money back.”

More and more bridge attacks

Bridge attacks have increased in frequency in recent months as cryptocurrency users have shown a greater desire to transfer funds between various blockchains.

While cross-chain bridges have enabled the spread of fledgling blockchains, bridge failures can be disastrous for smaller chains that depend on them for a significant portion of their overall liquidity.

One of Nomad’s more recent blockchains, Evmos, tweeted reacted to the incident too. It claimed that the Nomad episode “seriously damages initial Evmos [total value locked],” and it would be “brainstorming community solutions.”

Share

Jibin Mathew George is Editor-in-Chief at AMBCrypto. A domain expert in International Relations (European Politics), he has always been a believer in the unlimited possibilities afforded by blockchain and by extension, cryptocurrencies. As someone who has been watching and writing about this space for over 5 years now, Jibin has closely tracked the emergence of cryptos and digital assets as a separate asset class in portfolios world over. A lawyer by training, he previously contributed to the News and Research desk of Diplomacy & Beyond Plus. Before his stint at D&B, he was Editor at ED Times. Jibin also takes a great interest in politics, especially the corresponding effect political decisions and fiscal policy have on the world of finance, with a special focus on cryptocurrencies.
Read the best crypto stories of the day in less than 5 minutes
Subscribe to get it daily in your inbox.
Please check the format of your first name and/or email address.

Thank you for subscribing to Unhashed.