The $190 million in assets trapped on the bridge appear to have all been removed in just a few hours by hundreds of would-be hackers and even a few white hat nice guys determined to restore the monies!
A new, significant crypto bridge hack
It appears that the Nomad bridge experienced a security breach that gave hackers access to a sizable percentage of the bridge’s cash through a protracted series of transactions.
Decentralized finance (DeFi) tracking platform DefiLlama reports that only $651.54 of the bridge’s $190.7 million in cryptocurrency is still in the wallet. Later on, Nomad told Cointelegraph that he believed that some of the money had actually been taken out by “white hat pals” who had gathered it with the goal of conserving it.
Nomad bridge is getting drained, your funds might be at risk and might be able to still withdraw the remaining funds ⚠️ https://t.co/RgYmjSV9eB
— stani.lens (🌿,👻) (@StaniKulechov) August 1, 2022
At 21:32 UTC, the first dubious withdrawal from the bridge of 100 Wrapped Bitcoin (WBTC), worth roughly $2 million, which may be the source of this breach, took place.
The Nomad’s team acknowledged that they were aware of “the situation involving bridge Nomad” and that they were “currently investigating the incident” at 23:35 UTC, a short time after the community had alerted them to this potential hack.
Nomad claimed that at least some of those who seized the money were acting benevolently to prevent the cryptocurrency from ending up in the wrong hands in an email response to Cointelegraph on Tuesday. According to the team, they have hired ‘top organizations specializing in blockchain intelligence and forensics’:
- Nomad has informed the legal authorities and is working tirelessly to deal with the situation and provide updated information. Nomad’s objective is to identify the accounts involved and to trace and recover the funds. Nomad is grateful to its many white hat friends who moved quickly to withdraw and save the funds.
White Hats in action?
One person has so far promised to pose as a “white hat” and return money that was taken from the Bridge. This is a whitehack, tweeted the person who goes by the Twitter handle Notifi Bot to Nomad. I’m going to refund the money.
This is a whitehack. I plan to return the funds. Waiting for official communication from Nomad team (please provide an email id for communication). I have not swapped any assets even after knowing that USDC can be frozen. Transferred USD...https://t.co/ffWoS2kOSA
— Notifi Bot (@notifi_xyz) August 2, 2022
WBTC, Wrapped Ether (WETH), USD Coin (USDC), Frax (FRAX), or Card Starter (CARDS) tokens were also taken during this event. Each token was produced by the hackers in approximately identical denominations, which is a unique approach to produce tokens. For instance, almost 200 transactions totaling exactly 202,440.725413 USDC have been made.
Token transfers between Avalanche, Ethereum, Evmos, Milkomeda C1, and Moonbeam are made possible through Nomad, a bridge. This occurrence, in contrast to earlier hacks that were quite typical in 2022, has hundreds of addresses obtaining tokens directly from the bridge thus far.
Moonbeam standing still
At 23:18 UTC, the Moonbeam smart contract platform of the Polkadot network entered maintenance mode “to investigate a security incident,” with its native token GLMR being one of those targeted by Nomad’s hack. As a result, functions of Moonbeam like ordinary user transactions and interactions with smart contracts have been blocked.
1/ Important Notice: The Moonbeam Network has gone into Maintenance Mode in order to investigate a security incident with a smart contract deployed on the network.
— Moonbeam Network (@MoonbeamNetwork) August 1, 2022
The attack had a negative impact on the bridge because it held a fundraising in April. Coinbase Ventures, OpenSea, and five other significant crypto industry businesses took part in this seed investment in April, the project stated in a tweet on Friday. This funding helped Nomad reach a valuation of $225 million. Therefore, this attack runs the potential of severely damaging bridge’s reputation among investors and users.
