No menu items!

    Cryptocurrency firm that promised security lost $200 million due to hack

    In what now appears to be a weekly event, the latest major crypto hack claimed almost $200 million from Nomad, the so-called token bridge between chains. These bridges are designed to allow people to transfer crypto-tokens between different blockchains and, without getting too far into the wild, work by locking tokens on one chain and reissuing them in a “wrapped” form on another: this process is called a smart contract.

    However, Nomad has now acknowledged the hack. In a statement, the company said:

    The investigation is ongoing and leading blockchain intelligence and forensics firms have been hired. We have notified law enforcement and are working around the clock to rectify the situation and provide updates in a timely manner. Our goal is to identify the accounts involved and track and return them.

    So what happened? Basically, Nomad released an update that made it easier for users to fake transactions and withdraw funds from a bridge that didn’t belong to them. This was not an exploit that required elite skills to use, and when it was spotted, hackers swooped in en masse and stole almost everything contained in the Ethereum Mainnet Nomad smart contract.

    Security researcher Samczsun, who works for crypto investment company Paradigm, explains the exploit in the following link. tweet thread. Essentially, the system defaulted to every message being “authenticated”: Ultimately, it came down to “the attackers took advantage of this to copy/paste transactions, and quickly emptied the bridge.”

    It is worth bearing in mind that the amounts are in cryptocurrency, not cash. A lot of money has been lost, but it’s hard to say for sure: it’s estimated to be between $45 million and $200 million.

    Nomad convinced people that its protocol could provide more security for cryptocurrency transactions than its competitors. “Nomad’s goal is to provide the connective tissue that allows users and developers to safely interoperate in a multi-chain world,” the bridge documentation says (emphasis added).

    As seen on PlayGround

    Latest articles

    Related articles