Nomad Cross-chain Bridge Suffers $190M Loss in Chaotic Copy-Paste Attack

Nomad Hacked

The Nomad cross-chain bridge has suffered an exploit resulting in many malicious “copy/paste” actors draining the protocol’s collateral.

Nomad is a token bridge for cross-chain transfers between Ethereum, Avalanche, Milkomeda, and Moonbeam.

In the early hours of August 2, Nomad bridge posted an alert of its awareness of an ongoing hack on its system, and some hours later, the entire protocol’s funds of more than $190 million were drained.

Crypto community developer and white hat ‘samczsun’ explained the situation by labeling the attack as “one of the most chaotic hacks that Web3 has ever seen.”

Researchers shared a tweet showing multiple transactions of funds leaving the bridge in the ETHSecurity Telegram channel. It initially appeared as a misconfiguration in token decimals, but samczsun discovered:

“However, after some painful manual digging on the Moonbeam network, I confirmed that while the Moonbeam transaction did bridge out 0.01 WBTC, somehow the Ethereum transaction bridged in 100 WBTC.”

This exploitation is different because the transactions were not directly ‘proved’ and executed. samczsun said, “Being able to process a message without proving it first is extremely Not Good.” The coder dug some more and found a fatal flaw in the ‘Replica’ smart contract initialized during a routine Nomad upgrade.

He added that this was chaotic because the hackers needed no technical knowledge. They just needed to find a working transaction, replace the target address with their own, and rebroadcast it.

“A routine upgrade marked the zero hash as a valid root, which had the effect of allowing messages to be spoofed on Nomad. Attackers abused this to copy/paste transactions and quickly drained the bridge in a frenzied free-for-all,”

Nomad has even discovered fraudulent addresses attempting to steal funds returned to the bridge.

According to DeFiLlama, Nomad’s total value locked has crashed from $190.38 million to $5,336 over the past few hours.

Nomad is the latest token bridge attack this year following the high-profile exploits of the Ronin Bridge, Wormhole, and Harmony.

You might also like:North Korean Regimes Attack the Crypto Market with Plagiarized Resumes.

Contact Us

Disclaimer

Forex, Crypto, Options, and Binary Options have both large potential rewards and large potential risks. Therefore, before investing or trading any of the assets, ensure you are aware of and willing to accept the accompanying risks. Do not trade money you cannot afford to lose.

All Rights Reserved. None of the content of this website can be published elsewhere by any means without the prior consent of the owner(s). Please, check our terms & conditions and privacy policy before continuing to use this website.

This website and its owner(s) are not in any way liable for any incurred loss, whether caused by the information provided on this website or otherwise. The use of this website, including the content and information provided, is the user’s sole liability.