Cryptocurrency theft hacks have been numerous in recent months. Last June, for example, a hack led to the theft of $100 million worth of cryptocurrency. In both cases, this theft of cryptoassets involves a bridge – these players specializing in the instant exchange of funds between blockchains.
However, in the case of Nomad, it seems to be a particularly big mistake. Nomad Bridge is truly managed by a 100% open source smart contract. Therefore, it is possible to directly consult the code and eliminate defects. However, a configuration error in the smart contract allowed anyone to reconfirm transactions that had already been made by changing the recipient’s address.
Massive Hack Targets Nomad Crypto Bridge
Such a simple process that it was not really a question of having very advanced knowledge. In fact, when Nomad users started seeing funds being stolen from multiple addresses, some quickly caught on to the scheme and attempted to recover the stolen funds using the same process as the hackers. Enough to create what somehow looks like the first massive “heist” in cryptocurrency history.
For its part, Nomad explains on Twitter: “We are working hard to resolve the situation, have notified authorities and contacted leaders in blockchain intelligence and investigations. Our goal is to identify the accounts involved and trace the funds. Thanks to our many friends at White Hat who acted upstream to protect the funds”.
As the company notes, part of the stolen sums could be easily returned thanks to the actions of certain ethical hackers. However, it is not clear at this stage how much money could have been secured in this way. To make matters worse, according to Nomad, malicious actors are currently trying to impersonate the bridge with messages that encourage ethical hackers to return funds…to an address under their control.
Also Read – Cryptocurrency Theft Is Exploding This Year, What’s Happening?
Nomad points it out for now “There are no instructions [officielles] to return the sums of the bridge”. And to add: “please continue to save them until we can give you a procedure to follow to post them on this Twitter thread”.
