Nomad Bridge Hack: Here’s the Full Account of How Exploit Happened

by Mayowa Adebajo

The exploit left open access to all users who knew what to do and exactly how to do it.

The Nomad bridge hack is the latest in a list of security exploits that are now commonplace with cross-chain bridges and the world of decentralized finance (DeFi) at large. According to statements issued by Nomad, it lost over $190 million in funds in the Monday exploit, which lasted for a few hours.

What Led to the Nomad Bridge Hack?

Typically, bridges like Nomad operate by locking up tokens in a smart contract on one chain. They then reissue the same tokens on another chain, but this time in a ‘wrapped’ form.

In the Nomad bridge hack, however, it was the smart contract where the tokens are locked up that got exploited, all thanks to a recent update. As a researcher identified as @samczsun pointed out on Twitter, the update opened up a loophole in Nomad’s smart contract. That loophole allowed users to fake transactions and withdraw funds from the bridge that weren’t necessarily theirs.

Meanwhile, the Nomad bridge hack also differs from those before it in the number of attackers. Most past bridge attacks had a single attacker, but that was not the case with Nomad. The exploit left open access to all users who knew what to do and exactly how to do it.

According to PeckShield, 41 addresses took over $152 million in the hack. But that represents only about 80% of the total amount lost.

As Nomad itself has clarified, however, some of the withdrawals were initiated by white-hat actors. They acted in the interest of Nomad to ensure that the funds did not end up in the wrong hands.

A Growing Menace

The rising demand for cross-chain asset swapping by crypto users has also undeniably ushered in an era of frequent bridge attacks.

In March, the Ronin bridge attack became the biggest DeFi attack to date. The bridge lost over $600 million worth of crypto to the attack at the time. Since then, the DeFi ecosystem has never been the same.

But even before the Ronin episode, the Wormhole bridge was also exploited in a similar fashion. It lost $322 million in total to its February hack.

In summary, while bridges such as Nomad have given blockchain startups the chance to proliferate, bridge hacks like these also hold the potential to ruin the smaller chains that rely on them for liquidity.
