Hackers stole approximately $200 million in cryptocurrencies from the blockchain platform Nomad. Nomad is a cryptocurrency bridge that enables users to exchange cryptocurrencies across two or more blockchains. Decentralized Finance (DeFi) systems, which make it easier to borrow and lend crypto assets, see this as bad news.
The official Twitter account for the Nomad project has recognized the breach. The business acknowledged the attack and stated that it had informed law police and that its team was “working around the clock to remedy the matter.” Here, we describe how Nomad, one of the largest blockchain platforms, was plundered by hackers.
In the real world, bridges link two distinct places. Similar to this, a bridge in the blockchain ecosystem makes it possible for two blockchains to communicate with one another and transfer cryptocurrency.
For instance, you have INR but require USD to spend when you book a vacation from India to the USA. You may use a currency exchange to convert your INR to USD for a nominal cost. You may swap cryptocurrency on another blockchain by using blockchain bridges. Consider a scenario in which you have some Ethereum on the Ethereum blockchain and want to move your cryptocurrency to the Arbitrum chain. Bridges are the sole means of doing this. Blockchain bridges do, however, levy a tiny transaction fee for the same.
The hack is easy to understand. It all began when hackers updated the Nomad code. DeFi systems are notable for being open protocols, which allow anybody to see the source code. Modifying the source code is difficult, though. Every update must have automated approval, which happens on the blockchain.
Read More: Grand Theft NFT
A fault in the project’s smart contract automatically validated the alterations made by the hacker and permitted authorization of withdrawal of cryptocurrency assets, according to Samczsun, a researcher at the crypto and Web3 investing business Paradigm. This is the reason why the hack was so disorganized, said samczsun. The researcher thinks that several attackers realized what was happening, used bots to launch copycat assaults, and withdrew more than $200 million in cryptocurrency.
Recovering the Funds
Nomad has asked hackers to repay the money in a tweet. “We now have a way for you to do so if you are a white hat hacker / ethical security researcher who took tokens intending to return them.”
The business claims that it is actively collaborating with law enforcement, and a top intelligence agency, TRM Labs, to track money transfers and pinpoint recipient wallets to organize money transfers back to their rightful owners. The firm stated on Twitter that the promptness of the monies back was crucial. “As the investigation continues, everyone parties are prepared to take required action in the next days,” it read.
It is a Habit
Blockchain bridges have previously been the target of hackers. A blockchain bridge with the name of Ronin was used to steal $600 million in cryptocurrency in April 2022. A similar attempt months later resulted in the $100 million draining of another bridge, Harmony.
According to the cryptocurrency compliance business Elliptic, over $1 billion in cryptocurrency assets have been stolen using bridge attacks so far in 2022. This is because bridges are a popular target for hackers because of instances of bad design.
Read More: Top Five Crypto Scams of 2022