Another blockchain bridge was compromised, this one ended up losing around €200 million, apparently due to the greed of its users.
Nomad was exploited earlier this week and the protocol lost almost everything it had, although apparently no malware or cyberattacks were involved.
While bridging exploits aren't all that new to the crypto world (remember Ronin, Wormhole, Beanstalk), this one is a bit different.
Law enforcement included
Apparently, a recent update to one of Nomad's smart contracts allowed users to spoof transactions. In other words, anyone who wanted to take the bridge money was free to do so. There was no malware or compromised endpoint involved.
And that's the main difference here. It was not the work of a single hacker, or a group of actors, looking for a hole in the code to exploit. It was the developers of the project who messed up, and the entire community seized the day and grabbed what they could.
In a statement, Nomad said: “An investigation is underway and leading blockchain intelligence and forensics firms have been engaged. We have notified law enforcement and are working around the clock to resolve the situation and provide timely updates. Our goal is to identify those affected." accounts and trace and recover funds.
Bridge hacks are pretty common these days. Just over a month ago, an unknown person stole more than 85,000 Ether tokens from the Harmony bridge which, at the time, was valued at around €105 million, while in April, the breach of Ronin (a bridge owned by the creators of Axie Infinity) resulted in the largest crypto heist of all time, valued at over €600 million at the time.
A bridge company offers the service of interchain currency transfer, a service that has become extremely popular in recent years. At the same time, these companies have become major targets for cybercriminals around the world, as they are often encrypted with insufficient security, leading to theft (opens in a new tab).
Via: CoinDesk (Opens in a new tab)