Cross-chain bridge Nomad Bridge became the main target of hackers and…looters, and goodness knows what else…
Nomad Bridge, a protocol that enables interactions between different blockchains, was hacked this week. Hackers exploited the vulnerabilities of the bridge and stole more than $190 million in assets.
The assets affected in the incident include WBTC, WETH, USDC, FRAX, CQT, HBOT, IAG, DAI, GERO, CARDS, SDL, and C3. Nomad is the next name to join the list of unlucky bridges under major attacks following Axie Infinity and Horizon.
Nomad Bridge Got Hit – In a Big Way
The first suspicious transaction was made on August 2, when hackers tried to transfer 100 Wrapped Bitcoin (WBTC) equivalent to $2.3 million from the bridge.
Upon discovering the problem about possible further exploits, opportunists took advantage of the loophole, replicated the hacker’s transaction information, changed the original address to their addresses, and successfully withdrew money.
This time’s exploit is easy to duplicate, which explains why it is the quickest and most chaotic attack.
Anyone on the project’s Discord could simply copy the attacker’s first transaction and change the address, then press send via Etherscan, they will randomly receive thousand dollars per txid.
How could it even possibly happen?
Since the incident is still being investigated, the hacked project has not provided any further explanation. However, some crypto researchers and experts have indicated viable answers.
The Wild West of Finance
According to Paradigm researcher Sam Sun, the vulnerability stems from another bug discovered and reported to Nomad by the smart contract auditing unit Quantstamp in early June.
The project addressed the other issue, but in the process of doing so, it changed to root 0x000…, resulting in the repercussions that occurred.
Each transaction will go through a verification (verify) stage to ensure that it is valid. And, while Root is necessary for this verification, the developer here left it at 0x00, and this Root identifying code automatically ensures all transactions are valid.
The Nomad team issued warnings about the Nomad token bridge-related event not long after learning about it.
The Nomad bridge has been shut down following the attack, according to the official Nomad Twitter thread. The team stated that they are working with law enforcement to further investigate the event.
“We are aware of impersonators posing as Nomad and providing fraudulent addresses to collect funds. We are not yet providing instructions to return bridge funds. Disregard comms from all channels other than Nomad’s official channel: @nomadxyz_.”
Nomad is a Great Idea
Nomad is a bridge that allows the transfer of tokens between different blockchains such as Avalanche (AVAX), Ethereum (ETH), Evmos (EVMOS), Milkomeda C1, and Moonbeam (GLMR) through Nomad’s messaging system.
The protocol has a wide range of application possibilities and can be used to develop cross-chain apps.
Nomad recently revealed that it successfully raised $22 million from industry-leading figures including Coinbase Ventures, OpenSea, and five other major players in a seed funding led by Polychain in April. The funding topped the company valuation to $225 million.
In comparison to attacks against cross-chain bridges in 2021, these attacks this year caused severe damage to the project itself, VCs, and projects associated with the bridges because of the connectivity nature of a cross-chain bridge.
The fact that blockchain is decentralized makes it easier to defend. But the protocols and software were all made by people, so it is possible that there are weaknesses.
These are web and mobile apps that use blockchain, but they still have the same security flaws as traditional software because they are still web and mobile apps.
Since the beginning of the year, four cross-chain bridges have been hacked, including Wormhole, Ronin, Horizon, and Nomad. None have less than a $100 million loss.
Cross-chain Bridge has improved blockchain interoperability, resulting in a better experience for blockchain users and developers. However, due to specific vulnerabilities, these bridges have recently been a popular target for attackers.