The Nomad token bridge appears to have experienced a security exploit that has allowed hackers to systematically drain a significant portion of the bridge’s funds over a long series of transactions.
The cross-chain token bridge was exploited Monday, with attackers draining the protocol of virtually all of its funds. The total value of cryptocurrency lost to the attack totaled near $200 million.
Nomad, like other cross-chain bridges, allows users to send and receive tokens between different blockchains. Monday’s attack is the latest in a string of highly publicized incidents that have drawn the security of cross-chain bridges into question. Hundreds of potential exploiters, and even some white hat do-gooders who intend to return funds, appear to have removed all of the bridge’s $200 million in TVL in hours.
The Nomad Bridge Exploited by White Hat Friends
Nearly the entire $190.7 million in crypto has been removed from the bridge, with only $651.54 left remaining in the wallet, according to decentralized finance (DeFi) tracking platform DefiLlama.
However, Nomad later suggested to Cointelegraph that some of the funds were withdrawn by “white hat friends” who took them out to safeguard them.
https://twitter.com/StaniKulechov/status/1554239044653121536?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1554239044653121536%7Ctwgr%5Eda761f3828a8e9c92a0e5ee21e2213d2dbc5c65a%7Ctwcon%5Es1_c10&ref_url=https%3A%2F%2Fcointelegraph.com%2Fnews%2Fnomad-token-bridge-drained-of-190m-in-funds-in-security-exploit
Nomad reported in an email on Tuesday that at least some of the people who took funds acted benevolently to protect the crypto from getting into the wrong hands. The team added that it had retained the services of “leading firms for blockchain intelligence and forensics:”
“Nomad has notified law enforcement and is working around the clock to address the situation and provide timely updates. It’s goal is to identify the accounts and trace and recover the funds and it is grateful to its many white hat friends who reacted quickly to withdraw and safeguard the funds.”
Companies Affected by the Nomad Attack
Since many partners use Nomad assets (on different chains), many names will inevitably be affected after this incident.
Peckshield also posted a list of wallets involved in the attack, including white hat hacker wallets who actively hacked to get money back to its users.
Moonbeam
Nomad is one of the leading bridge platforms on Moonbeam’s ecosystem, and the theft of most of the security assets at the Ethereum bridgehead may affect the value of some assets at the bridgehead. Moonbeam’s Twitter homepage said that the attack on the bridge caused the number of assets at the Ethereum bridge to be wiped out.
Also, this morning, Moonbeam had to “suspend” the blockchain for 4 hours to conduct the “Maintenance” process. At the time of writing, the maintenance process had been completed, and the Moonbeam team said that no vulnerabilities related to the above attack had been discovered.
Connext
Connext is a team that has a close relationship with the bridge. Many sources believe that Connext derives its liquidity from Nomad and may suffer significant losses after this incident. However, Arjun (project representative) said that Connext only stores madUSDC assets (i.e., USDC certificates on the Nomad bridge).
Evmos
Evmos was the rarest case when the price of EVMOS coin skyrocketed after the Nomad attack. The reason for this fluctuation is that madUSDC lost its price anchor at the Ethereum bridgehead, causing many people to seek to sell this asset to EVMOS to avoid loss of asset value. However, the lack of liquidity and a large number of users landed, causing the price of EVMOS to build up a column quickly.
The Evmos team said this vulnerability is not related to the network, and the Evmos chain is still working usually.
