Defi Llama, an analytics expert, reports that the bridge shut off in July with a TVL of almost $190 million.
Soon after numerous users on crypto Twitter started to see the bridge get hacked, raising worries about unusual transactions, the security issue came to light. The Nomad quickly sent a tweet admitting the hack after that.
The “event involving the Nomad token bridge” was acknowledged by the nomad team, who added that they are “currently examining the incident.”
Nomad bridge is getting drained, your funds might be at risk and might be able to still withdraw the remaining funds ⚠️ https://t.co/RgYmjSV9eBAugust 1, 2022
The Polkadot network’s Moonbeam smart contract platform, whose native GLMR currency was one of those targeted by the Nomad hack, entered maintenance mode in the midst of this to “examine a security situation.”
Because the Nomad token bridge enables token transfers between Avalanche (AVAX), Ethereum (ETH), Evmos (EVMOS), Milkomeda C1, and Moonbeam, this is noteworthy (GLMR).
Around 9:00 pm UTC, 100 Wrapped Bitcoin (WBTC) tokens worth $2.3 million was successfully removed from the bridge in what is reportedly the first suspicious transaction cited as the origin of the ongoing exploit.
Since the hackers began withdrawing tokens with almost identical denominations, suspicions about a potential exploit have increased. The community looked more closely at the transactions due to the token’s decimal configuration error.
“I confirmed that while the Moonbeam transaction did bridge out 0.01 WBTC, somehow the Ethereum transaction spanned in 100 WBTC,”
said Twitter user Samczsun. After that, he discovered that the bridge transaction in the WBTC had not demonstrated anything that indicated the possibility of a hack.
5/ Furthermore, the transaction to bridge in the WBTC didn't actually prove anything. It simply called `process` directly. Suffice to say, being able to process a message without proving it first is extremely Not Good pic.twitter.com/LRgfXLOFkDAugust 2, 2022
Simply said, a user-altered code was discovered during the bridge audit to ensure that every communication on the bridge was valid. Evmos claims that the Nomad bridge contract had a flaw that allowed it to accept any root hash, allowing many entities to withdraw substantial sums of money.
Numerous individuals attempted to replicate the attack once the exploit made headlines to steal some cryptocurrency.
top 300 withdrawals from nomad bridge ranked by size, special shoutout to @0xKofi for the help👍 https://t.co/5ObrzQw3lw pic.twitter.com/adJRajOUHlAugust 2, 2022
A large number of tokens, including WBTC, WETH, USDC, FRAX, CQT, Hummingbird Governance Token (HBOT), IAGON (IAG), and Dai (DAI), among others, have been drained from the platform as a result of the vulnerability attack.
Nomad Had Recently Disclosed New Funding
The most recent exploit comes just four days after Nomad disclosed the whole list of investors that took part in its $22 million seed round in April, which featured well-known companies including Coinbase Ventures, Wintermute, 1kx, and Polychain Capital.
This event has once more highlighted the growing weaknesses of cross-chain bridges, which are currently a favored target of cryptocurrency hackers. Bridge exploits are still a major worry for the entire Defi ecosystem and have a devastating effect on user finances.
One of the biggest cryptocurrency exploits in history cost Ronin Network, the Ethereum-powered sidechain for Axie Infinity, a whopping $625 million.