Nomad Bridge Loses $190m In ExploitAdmin
The Nomad Bridge converted around 190 million US dollars through an exploit. After word of the banal mistake got around, there was an enormous rush for the project. Soldiers of fortune tried to get as much as possible.
Nomad Bridge falls victim to poor security
The emergence of various cryptocurrencies requires increasing interoperability. Token bridges play their role in this. Users can exchange different coins or tokens with each other with ease.
Ethereum initiator Vitalik Buterin recognized bridges as one of the most significant weaknesses in the crypto world. Buterin’s fears come true. Again and again, there are attacks on bridges.
An attack on the Wormhole Bridge and the hacking of the Ronin Bridge in the spring of this year has already caused damage of 325 and 540 million US dollars. Both values are among the top 10 biggest crypto hacks.
The Nomad Bridge loses a whopping $190 million. However, there are differences compared to previous attacks.
Usually, competent programmers look for bugs in the code of the bridges, which they can exploit. Investigative authorities often suspect professional hackers like the Lazarus Group behind the attacks.
In the case of the Nomad Bridge, observers report, everything was much more chaotic. A trivial mistake made it very easy to steal funds.
WBTC and WETH are lost
The exploit was so banal that only a small deposit was required – and the insertion of a simple command. The attackers were already able to obtain cryptocurrencies without authorization.
And that’s precisely what they did – until the liquidity behind the Nomad Bridge almost wholly disappeared. Tens of millions of dollars in crypto assets are down to just $15,700, according to DeFiLlama.
The main items stolen were Wrapped Bitcoin (WBTC ), Wrapped Ethereum (WETH), and USD Coin (USDC). Blockchain researcher samczsun calls the attack “one of Web3’s most messy hacks.”
After the exploit became a topic of conversation among attackers, there was a mass rush to the Nomad Bridge.
The developers wrote on Twitter that there had been “an incident” that is now being investigated. The reaction caused incomprehension among some readers, as attackers almost wholly cleared the Nomad Bridge.