Business News/ News / World/  Nomad token bridge hacked in nearly $200 million exploit. Here's what happened

Nomad bridge is the crypto project that has been the latest victim of a hack as the hackers made away with nearly all of the funds in the wallet. As per a report by CoinDesk, the total value of cryptocurrency lost to the attack has totaled near $200 million. 

Confirming the incident, Nomad tweeted, “We are aware of the incident involving the Nomad token bridge. We are currently investigating and will provide updates when we have them."

“We are aware of impersonators posing as Nomad and providing fraudulent addresses to collect funds. We are not yet providing instructions to return bridge funds. Disregard comms from all channels other than Nomad’s official channel: @nomadxyz_," it added in a series of tweets.

Nomad is a cross-chain communication standard that enables cheap and secure transfers of tokens and data between chains, and allows users to send and receive digital tokens between different blockchains.

Explaining how the Nomad bridge hack took place, @samczsun, a researcher at crypto investment firm Paradigm, explained that a recent update to one of Nomad’s smart contracts made it easy for users to spoof transactions. This meant users were able to withdraw money from the Nomad bridge that didn’t actually belong to them.

“This is why the hack was so chaotic - you didn't need to know about Solidity or Merkle Trees or anything like that. All you had to do was find a transaction that worked, find/replace the other person's address with yours, and then re-broadcast it. A routine upgrade marked the zero hash as a valid root, which had the effect of allowing messages to be spoofed on Nomad. Attackers abused this to copy/paste transactions and quickly drained the bridge in a frenzied free-for-all," he explained in a series of tweets.

Bridges are software that enable different types of blockchains and their respective tokens to interoperate, rather than work in silos. Bridge attacks have become more frequent in recent months as crypto-users have demonstrated an increased appetite for swapping assets between different blockchains.

The hack comes days after Nomad announced the full list of investors in its $22 million seed round, which was led by Polychain Capital, with participation from backers including Ethereal Ventures, Hack VC, Coinbase Ventures and Capital.

(With inputs from agencies)


Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
More Less
Updated: 02 Aug 2022, 01:35 PM IST
Recommended For You
Get alerts on WhatsApp
Set Preferences My Reads Watchlist Feedback Redeem a Gift Card Logout