Thieves Frenzy Attack Software Glitch Steal $190 Million From Nomad Crypto Bridge

1 min read

Nomad, which supplies a crypto bridge enabling holders to swap their tokens across blockcahins was the target of hackers who uncovered a software bug and exploited it to the tune of $190M. Described as one of DeFi’s most chaotic hacks to date. Most crypto hacks involve social engineering and / or in-depth programming knowledge to exploit a system, however Nomad’s bridge was compromised with greater ease.

$190M Lost in Nomad Attack 

Nomad has become the target of crypto’s latest nine-figure attack.

The cross-chain project’s token bridge suffered a major exploit late Monday, allowing a group of thieves to make off with around $190 million in stolen digital assets.

News of the attack first surfaced on social media after security researchers noticed a high volume of assets leaving the bridge. According to Paradigm researcher samczsun, a flaw in Nomad’s Replica contract effectively allowed users to make one small deposit to the bridge and withdraw a much larger amount of funds they never actually owned. While most DeFi exploits are typically carried out by skilled programmers with an in-depth knowledge of Solidity, taking advantage of this one only required a relatively simple copy and paste exercise. This meant that opportunists flocked to steal funds from the bridge once word got around, resulting in what samczsun described as a “frenzied free-for-all.”

Though the total sum lost has not yet been confirmed, it’s estimated that about $190 million worth of wrapped Bitcoin (WBTC), wrapped Ethereum (WETH), USD Coin (USDC) and other assets was stolen. That makes the attack one of the biggest to hit the DeFi space to date. According to Defi Llama data, the project now holds just $12,750 in total value locked.

The Nomad team took to Twitter early Tuesday to say that it was “investigating [the incident] and will provide updates” as more information becomes clear, but it has not yet published a postmortem report.

Nomad is one of many cross-chain projects aiming to enable interoperability across blockchains. Its core product is the Nomad token bridge, which lets users move their assets freely across Polkadot’s Moonbeam parachain, Ethereum, Evmos, and Milkomeda. The Nomad team raised $22 million in a Polychain-led seed round in April. The raise put the company’s valuation at $225 million.

Editor’s note: This story is developing and will be updated as further details emerge. 

Via this site