Nomad Cross-Chain Bridge Drained of Nearly $200M in Exploit

Profile picture
Crypto Daily™
18w ago2022-08-02

The cross-chain token bridge Nomad suffered an exploit on Monday, August 1, with attackers draining the protocol of nearly all its funds. The total value of cryptocurrencies lost to the attack has totaled nearly $200 million. Hundreds of potential exploiters, including white hat hackers who intend to return the funds, managed to remove all the bridge’s total locked value (TVL) in just a matter of hours.

This attack is the most recent in a string of highly publicized incident that calls into question the security of cross-chain bridges. Nomad, like other cross-chain bridges, allows its users to send and receive tokens between different blockchains. Nearly the entire $190.7 million in cryptocurrencies has been removed from the bridge, with only $651.54 left remaining in the wallet according to decentralised finance tracking platform DeFi Llama. Nomad has however suggested that some of the funds were withdrawn by white hat hackers with the intention of keeping them safe. The Nomad team confirmed the exploit to CoinDesk in a statement saying,

An investigation is ongoing and leading firms for blockchain intelligence and forensics have been retained. We have notified law enforcement and are working around the clock to address the situation and provide timely updates. Our goal is to identify the accounts involved and to trace and recover the funds.

The first transaction thought to be suspicious and which may have been the genesis of the ongoing exploit came at 9:32 pm UTC when someone managed to remove 100 Wrapped Bitcoin (WBTC) worth about $2.3 million from the bridge. The community shortly thereafter raised alarm bells over the potential exploit and the Nomad team confirmed at 11:35 UTC that it was aware of the “incident involving the Nomad token bridge” adding it is “currently investigating the incident.”

Thus far, one individual has come forward as a white hat hacker who intends to return to funds they took from the bridge. The individual goes by ‘Notify Bot’ on Twitter and said,

This is a whitehack. I plan to return the funds. Waiting for official communication from Nomad team (please provide an email id for communication). I have not swapped any assets even after knowing that USDC can be frozen. Transferred USD...

Tokens were taken in a very unusual way as each was removed in nearly equivalent denominations. Transactions with exactly 202,440.725413 USDC were executed over 200 times for example. The incident also saw WBTC, Wrapped Ether, USD Coin, TRax, Covalent Query Token, Hummingbird Governance Token, IAGON, Dai, GeroWallet, Card Starter, Saddle DAO, and Charli3 tokens taken from the bridge.

Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.