Nomad Cross-Chain Bridge Lost Nearly $200 Million in ‘Chaotic, Free For All’ Exploit

Nomad allows users to send and get cryptocurrencies between different blockchains.

Nomad Cross-Chain Bridge Lost Nearly $200 Million in ‘Chaotic, Free For All’ Exploit

Photo Credit: Website/ Nomad

Repeated attacks on on-chain bridges have put their security under question

Highlights
  • Nomad team yet to disclose its response around this attack
  • Nomad team has acknowledged the attack
  • The exploit happened on August 1

Nomad, a cross-chain bridge lost $200 million (roughly Rs. 1,570 crore) in what security researchers are calling a ‘free for all' exploit. Unlike conventional attacks, where one culprit is responsible for the exploit, Nomad's case was different. Sam Sun, a Paradigm researcher has explained that a recent update to a Nomad smart contract made it convenient for users to spoof transactions and withdraw funds from the bridge, which originally did not belong to them. As per Sun, this is one of the most chaotic exploits to have happened in the Web3 sector so far.

Nomad allows users to send and receive cryptocurrencies between different blockchains. Cross chain bridges like Nomad, typically lock tokens in a smart contract on one chain and reissue these tokens in ‘wrapped' form on another chain.

In Nomad's case, a smart contract where tokens were initially deposited was sabotaged making way for exploiters to act.

“This is why the hack was so chaotic — you didn't need to know about Solidity or Merkle Trees or anything like that. All you had to do was find a transaction that worked, find/replace the other person's address with yours, and then re-broadcast it,” Sun wrote as part of his Twitter thread, decoding the dynamics of the exploit on Nomad.

While the cross-chain bridge has not issued media statements on the incident, it has posted a tweet acknowledging that it is aware of the case.

Nomad's detailed response on the incident remains awaited.

Bridges have become a popular element of the cryptosphere now that more people have begun swapping assets between different blockchains.

These blockchain bridges have caught the attention of hackers, who are constantly looking at ways to exploit them.

In March, a hack attack on Axie Infinity's Ronin bridge depleted a whopping $625 million (roughly Rs. 4,729 crore) from the Sky Mavis gaming company. The Ronin Network, designed by Axie Infinity developer Sky Mavis, acts as a bridge between the video game and the blockchain, allowing cryptocurrencies to be transferred in and out of the game.

Back in February, the Wormhole Portal, that allows people to switch from one cryptocurrency to another, also suffered a breach and lost $322 million (roughly Rs. 2,410 crore) worth of Ether.


Why is Oppo making strange choices with its flagship Reno series? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Further reading: Cryptocurrency, Nomad, Hack, Wormhole, Ronin
Radhika Parashar
Radhika Parashar is a senior correspondent for Gadgets 360. She has been reporting on tech and telecom for the last three years now and will be focussing on writing about all things crypto. Besides this, she is a major sitcom nerd and often replies in Chandler Bing and Michael Scott references. For tips or queries you could reach out to her at RadhikaP@ndtv.com. More
5G Spectrum Auction Concludes on Monday, India to Launch Services Likely by October
Read in: हिंदी
Share on Facebook Tweet Snapchat Share Reddit Comment

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2022. All rights reserved.