Connect with us


Nomad Blockchain Bridge Looted for $190 Million by Crypto Users

The Nomad cross-chain bridge was hacked, but the hack was so simple that hundreds of users copied it and looted the rest of the $190 million in assets.

Yet another cross-chain cryptocurrency bridge, the Nomadic bridge, was stripped of nearly all of its assets, but this time it wasn’t just hackers who got involved. In a first for the blockchain industry, a 9-digit hack was committed not by a single hacker, or even a few hackers, but by hundreds of real users in what can only be described as a “frantic looting“.

Cross-chain bridges are a system of smart contracts and messaging scripts that connect one blockchain to another to enable the transfer of cryptocurrencies and NFTs between them. They work (usually) by storing the tokens in a smart contract on their “native“string, then hit a”envelopeversion of the tokens deposited on the other chain. Users can also withdraw their native tokens by depositing the wrapped tokens into the bridge, where they are burned. A common example is Wrapped Bitcoin, or WBTC, which allows users to send their BTC on the Bitcoin blockchain to the Ethereum blockchain where it can be used in Decentralized Finance (or “Challenge“). Bridges can wrap any type of blockchain token, including non-fungible tokens (or “NFT“) and stablecoins (stable cryptocurrencies against the dollar). Because they act as massive pools of cryptocurrencies and locked digital assets, bridges are the most attractive targets for hackers and present the greatest security risk to the blockchain ecosystem.


Related: What Web3 Music Streaming App Users Should Know About the $6 Million Hack

Yesterday, Tech Crunch and Gizmodo reported that the Nomad blockchain bridge had been hacked, but the hack was so simple that hundreds more users copy-pasted the transaction and dumped the $190 million bridge into this blockchain developer and Twitter user @0xfoobar calls, “the first decentralized plunder of a 9-digit bridge in history.“The Nomad Bridge connected Ethereum, Avalanche, Evmos, Moonbeam, and Milkomeda and held nearly $200 million in its system prior to the hack. After the hack was completed, there were only about $1,700 of assets left in the bridge’s smart contracts. Many users have come forward and admitted to being part of the looting spree, and have promised to return assets once a safe address can be provided. Others claimed to be hackers who intentionally exploited the bridge to protect the crypto assets held on it.

Blockchain Bridges Are Rich Targets

Blue-green hacker with ETH logo

Bridges are essential pieces of infrastructure for a multi-chain future, where many blockchains work together and share assets as a single unit. Just as the early internet was once a mess of different protocols that eventually settled on a single protocol, blockchain is also still a mess of protocols trying to interface with each other. For Web3 to be secure, privacy and asset custody issues need to be addressed, strong development standards are needed for cross-chain bridges, and better regulations are needed to protect users. Right now the blockchain is too hard to use, crypto wallets don’t have human readable names, users don’t know how to avoid phishing attacks and hacks are happening what seems like a weekly basis. Bridges are the richest of these targets, as they contain hundreds of millions of dollars in assets, and the lack of security standards means they are all built and managed differently.

While the damage is done, many honest users will give back what they took. However, dishonest users will likely keep what they stole, and will need to find a way to launder and cash out their crypto, since all cryptocurrency stolen from the Nomad Bridge is now associated with hacking and any attempt to deposit it. in an exchange account will alert the authorities. Blockchain analytics and security firms will be keeping tabs on addresses that participated in the Nomad looting spree, and Nomadic will likely appeal to honest participants to return the assets they stole.

Next: $400,000 in NFTs stolen via malicious link on Premint NFT service

Source: TechCrunch, Gizmodo, 0xfoobar/Twitter

Will Daredevil appear in She-Hulk?  No Return Home Set it up

Daredevil’s MCU Return Details Teased By She-Hulk Show Director

About the Author

#Nomad #Blockchain #Bridge #Looted #Million #Crypto #Users

Click to comment

Leave a Reply

Your email address will not be published.