Nomad DeFi Bridge Drained of At Least USD 150M in 'Chaotic' 'Decentralized Robbery' | The Markets Café
  • Privacy Policy
  • Terms of use
  • Press Release
  • Advertise
  • Contact
Wednesday, March 22, 2023
No Result
View All Result
Subscribe
  • Login
The Markets Café
en English
zh-CN 简体中文en Englishfr Françaisde Deutschhi हिन्दीit Italianoja 日本語pt Portuguêsru Русскийes Españoltr Türkçe
  • News
  • Politics
  • Markets
    • Stocks
    • Futures
    • Commodities
  • Crypto
    • News
    • Markets
    • NFT
    • DeFi
    • Explained
  • Economy
  • Finance
  • Investing
  • Forex
  • Real Estate
  • Tech
  • VideosHOT
  • Community
  • Charts
  • News
  • Politics
  • Markets
    • Stocks
    • Futures
    • Commodities
  • Crypto
    • News
    • Markets
    • NFT
    • DeFi
    • Explained
  • Economy
  • Finance
  • Investing
  • Forex
  • Real Estate
  • Tech
  • VideosHOT
  • Community
  • Charts
No Result
View All Result
The Markets Café
No Result
View All Result
  • News
  • Politics
  • Markets
  • Crypto
  • Economy
  • Finance
  • Forex
  • Investing
  • Tech
  • Videos
  • Community
Home Crypto DeFi

Nomad DeFi Bridge Drained of At Least USD 150M in ‘Chaotic’ ‘Decentralized Robbery’

by Press Room
August 13, 2022
in DeFi
98 5
A A
0
21
SHARES
687
VIEWS
FacebookTwitter

 

Cross-chain messaging protocol Nomad, which allows users to send and receive tokens between different blockchains, was drained of at least USD 150m after experiencing a security exploit that allowed bad actors to spoof messages. 

The project had USD 190m in total value locked (TVL) just before the exploit began, according to DeFi tracking platform DeFi Llama. However, in a matter of hours, all the funds were drained.  At the time of writing, the project currently has around USD 5,600 in TVL. 

 

Blockchain security firm BlockSec estimated the loss to be around USD 150m. This could suggest that users themselves withdraw the remaining USD 40m from the bridge. 

Etherescan transactions show that the first suspicious transaction might have occurred at 9:32 PM UTC on Monday, when a user managed to remove wrapped bitcoin (WBTC) 100 (worth around USD 2.3m) from the bridge by depositing WBTC 0.01 (around USD 230).

Subsequently, the Nomad team confirmed that it was aware of the “incident involving the Nomad token bridge” adding it is “currently investigating the incident.” 

Various amounts of WBTC, wrapped ethereurm (WETH), USD coin (USDC), frax (FRAX), covalent query token (CQT), hummingbird governance token (HBOT), IAGON (IAG), dai (DAI), gerowallet (GERO), card starter (CARDS), saddle DAO (SDL), and charli3 (C3) tokens have been taken from the bridge, according to data compiled by crypto security firm PeckShield.

According to Sam Sun, Head of Security at Paradigm, the hack was possible because “the Nomad team initialized the trusted root to be 0x00” during an upgrade, which had the “side effect of auto-proving every message.” 

“This is why the hack was so chaotic – you didn’t need to know about Solidity or Merkle Trees or anything like that,” Sun added. “All you had to do was find a transaction that worked, find/replace the other person’s address with yours, and then re-broadcast it.” 

Anonymous Terra researcher FatMan called the incident “the first decentralized robbery.” They added that “all one had to do was copy the first hacker’s transaction and change the address, then hit send through Etherscan.”

Cryptonews.com has reached out to Nomad for comment. 

The Nomad team has not yet provided any further details about the hack. In their latest tweet, they warned about impersonators trying to collect funds. 

“We’re aware of impersonators posing as Nomad and providing fraudulent addresses to collect funds,” the team said. “We aren’t yet providing instructions to return bridge funds. Disregard comms from all channels other than Nomad’s official channel.”

The Nomad Bridge hack is the latest in a series of attacks targeting bridges. 

As reported, in late June, a hacker exploited a vulnerability in Harmony’s Horizon Bridge, which allows token transfers between the Harmony network and Ethereum, Binance Chain (BNB), and Bitcoin (BTC), to steal USD 100m worth of different cryptoassets.

And prior to that, the Ronin Network, an Ethereum-based sidechain made for the popular play-to-earn game Axie Infinity, was exploited to the tune of USD 600m while DeFi platform Wormhole lost almost USD 325m to hackers in February.
____
 
– Growth in Digital Assets Trade Puts the Spotlight on Blockchain Bridge Security Risks
– Harmony Proposes Minting Billions of ONE Tokens to Reimburse Hack-Affected Users
– A Multichain World Is Key to the Success of Web 3.0 and the Metaverse
____
(Updated at 08:59 UTC with additional data from PeckShield.)



Read the full article here

Related Articles

DeFi

Hostile Takeover Fears: DefiLlama Co-Founder Exposes Internal Rift over Token Launch – What’s Going On?

March 20, 2023
DeFi

Shiba Inu Price Prediction as Shibarium Public Beta Launch Approaches – Is a SHIB Pump Coming?

March 16, 2023
DeFi

Former CEO of Troubled Crypto Firm Creates New Stablecoin – How Does it Work?

March 14, 2023
DeFi

How USDC Stablecoin Depegging Could Break Many Crypto Firms But Bitcoin Will be Stronger

March 12, 2023
DeFi

Today in Crypto: Tender.fi Hacker Returns Stolen Funds, Hedera Confirms Exploit and Turns Off Mainnet Proxies, Meta Mulling Decentralized Text-based App

March 10, 2023
DeFi

Bloomberg Expert Sounds the Alarm: Bitcoin at Risk of Major Collapse – Here’s Why

March 8, 2023

About Us

The Markets Café

The Markets Cafe is your one stope Finance, Politics and bussines news website, follow us to get the latest news and updates from around the world.

Sections

  • Commodities
  • Crypto Markets
  • Crypto News
  • DeFi
  • Economy
  • Explained
  • Finance
  • Forex
  • Futures
  • Investing
  • Markets
  • News
  • NFT
  • Politics
  • Real Estate
  • Stocks
  • Tech
  • Videos

Site Links

  • Contact
  • Advertise
  • DMCA
  • Submit Article
  • Forum
  • Site info
  • Newsletter

Newsletter

THE MOST IMPORTANT FINANCE NEWS AND EVENTS OF THE DAY

Subscribe to our mailing list to receives daily updates direct to your inbox!

  • Privacy Policy
  • Terms of use
  • Press Release
  • Advertise
  • Contact

© 2022 The Markets Café - All rights reserved.

No Result
View All Result
  • News
  • Politics
  • Markets
    • Stocks
    • Futures
    • Commodities
  • Crypto
    • News
    • Markets
    • NFT
    • DeFi
    • Explained
  • Economy
  • Finance
  • Investing
  • Forex
  • Real Estate
  • Tech
  • Videos
  • Community
  • Charts

© 2022 The Markets Café - All rights reserved.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.