Another blockchain bridge has been hacked, with this one ending up losing around $200 million – apparently due to the greed of its users.
Nomad was exploited earlier this week and the protocol lost almost everything it had, despite no malware or cyberattacks being involved.
While bridge exploits aren’t that new in the cryptocurrency world (remember Ronin, Wormhole, Beanstalk), this one is a little different.
This includes law enforcement
Apparently, a recent update to one of Nomad’s smart contracts allowed users to fake transactions. In other words, whoever wanted to take the money from the bridge was free to do so. There was no malware or compromised endpoints.
And that is the key difference here. This was not the work of a single hacker, or a group of actors, looking for a hole in the code to exploit. This is where the project developers messed up and the whole community seized the day and grabbed what they could.
In a statement, Nomad said: “The investigation is ongoing and leading blockchain intelligence and forensics companies have been retained. We have notified law enforcement and are working around the clock to address the situation and provide timely updates . Our goal is to identify the accounts involved and to trace and recover the funds.”
Bridge hacks are quite common these days. A little over a month ago, an unknown person stole more than 85,000 Ether tokens from the Harmony bridge, which at the time was valued at around $105 million, while in April, the Ronin (bridge owned by the makers of Axie Infinity) breach ) led to the largest crypto heist of all time – worth over $600 million at the time.
A bridge company offers the service of transferring coins between different chains, a service that has become extremely popular in the last couple of years. At the same time, these companies have become prime targets for cybercriminals everywhere, as they are often coded with insufficient security, resulting in theft (opens in new tab).
Via: CoinDesk (opens in new tab)
