Crypto bridge Nomad was exploited for nearly $200 million on August 1st. The team is investigating the attack and has warned users not to send money to people impersonating Nomad employees.
Crypto Bridge Nomad has suffered an exploit that has led attackers to extort nearly $200 million in WETH and WBTC. The attack happened on August 1 and the group said it was aware of it and is investigating.
The attack happened within hours and almost all the money on the bridge was drained. Samczsun, researcher at Paradigm, he said that a recent upgrade to a smart contract resulted in attackers being able to fake transactions.
Attackers also try to impersonate Nomad employees to steal more money. The group said it was aware that these impersonators were sending fraudulent addresses to collect money. They clarified that they have not yet issued instructions for the return of the bridge funds.
This feat deals a heavy blow to Nomad, who is experiencing a strong few weeks. The company raised $22 million in a seed funding round just a few days ago, with participants including Coinbase Ventures, Polygon, Wintermute, Polychain Capital, Gnosis and OpenSea.
Bridge exploits are a popular attack vector
Bridge attacks have become an increasingly popular method for bad actors. There have been quite a few this year alone, including the massive $600 million attack on Axie Infinity’s Ronin Bridge, which has just restarted. North Korean hackers have been linked to the Ronin attack.
Wormhole was another major incident, with attackers collecting around $300 million from the Solana Bridge. The most recent of these attacks was on the Harmony Horizon Bridge, where $100 million was stolen.
Security is still a priority for the DeFi market
Security has become a top priority for DeFi projects, which have been under attack for years. In 2022 alone, hackers have stolen over $1.2 billion from the DeFi space.
Teams are now working on how to prevent Bridge hacks, and this will be necessary if teams want to maintain their reputation and retain users. Nomad itself is working on new solutions, though that doesn’t mean they aren’t completely invulnerable.
Denial of responsibility
All information contained on our website is published in good faith and for general information purposes only. Any action the reader takes on the information found on our website is strictly at their own risk.