new blow, 200 million dollars has just been hacked

Hacks with crypto thefts have been numerous in recent months. Last June, for example, a hack led to the theft of the equivalent of $100 million in crypto. In both cases this theft of cryptoassets involves a bridge – these actors specialized in the instantaneous exchange of funds between the blockchain.

Nevertheless in the case of Nomad, it seems that a particularly gross error is involved. The Nomad Bridge is indeed governed by a 100% open source smart contract. It is therefore possible to directly consult the code and flush out flaws. Or, a misconfiguration of the smart contract allows anyone to re-validate transactions already made by changing the address of the recipient.

Massive hack targets Nomad crypto bridge

A process so simple, that it was actually not even a question of having very advanced knowledge. In fact, when Nomad users began to see funds being stolen from multiple addresses, some quickly caught on to the scheme, and attempted to recover the stolen monies using the same process as the hackers. Enough to create what somehow looks like the first mass “looting” in the history of cryptos.

For his part Nomad explains on Twitter: “We are working hard to resolve the situation, have notified the authorities and have reached out to leaders in blockchain intelligence and investigations. Our goal is to identify the accounts involved and track and trace the funds. Thank you to our many White Hat friends who acted upstream to protect the funds.”

As the firm mentions, part of the stolen sums could be recovered for free thanks to the action of certain ethical hackers. However, it is not clear at this stage the extent of the sums that could have been secured in this way. To make matters worse, according to Nomad, bad actors are currently trying to impersonate the bridge with messages that urge ethical hackers to return the funds… to an address under their control.

Read also – Cryptocurrency theft is exploding this year, what’s going on?

Nomad points out that for now “there are no instructions [officielles] to return the sums of the bridge”. And to add: “please continue to keep them as long as we can give you the procedure to make them on this Twitter thread”.

Leave a Comment