The Nomad token bridge appears to have suffered from a security flaw that has allowed hackers to systematically drain funds from the bridge over a long series of transactions.
Almost all of the $190.7 million in cryptocurrency has been withdrawn from the bridge, and there is only USD 651.54 left in the protocol wallet, according to decentralized finance (DeFi) tracking platform DeFi Llama.
Nomad bridge is getting drained, your funds might be at risk and might be able to still withdraw the remaining funds ⚠️ https://t.co/RgYmjSV9eB
— stani.lens (@StaniKulechov) August 1, 2022
The first suspicious transaction, which could have been the genesis of the exploit, occurred at 21:32 UTC, when someone managed to withdraw 100 Wrapped Bitcoin (WBTC) worth about $2.3 million from the bridge.
Shortly after the community raised the alarm about the possible exploit, the Nomad team confirmed at 11:35pm UTC that they were aware of the “Nomad token bridge incident”, adding that it “is currently investigating the incident.” The team did not immediately respond to our request for comment.
We are aware of the incident involving the Nomad token bridge. We are currently investigating and will provide updates when we have them.
— Nomad (⤭⛓) (@nomadxyz_) August 1, 2022
In the incident, WBTC, Wrapped Ether (WETH), USD Coin (USDC), Frax (FRAX), Covalent Query Token (CQT), Hummingbird Governance Token (HBOT), IAGON (IAG), Dai (DAI), GeroWallet (GERO), Card Starter (CARDS), Saddle DAO (SDL), and Charli3 (C3) tokens have been stolen from the bridge.
The attackers withdrew the tokens in an unusual way, as each token was withdrawn in nearly equivalent denominations. For example, transactions with exactly 202,440.725413 USDC were executed more than 200 times.
Nomad is a token bridge that enables token transfer between Avalanche (AVAX), Ethereum (ETH), Evmos (EVMOS), Milkomeda C1, and Moonbeam (GLMR).
Unlike other exploits that have become commonplace in 2022, in this event so far there are hundreds of addresses receiving tokens directly from the bridge.
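The two on-chain signals described above (one exact amount leaving the bridge again and again, and many distinct recipient addresses) can be turned into a simple monitoring rule. The following is an added example, not part of the original article or of any Nomad tooling; the sample transfers, placeholder recipient names, and thresholds are constructed assumptions.

```python
from collections import defaultdict, deque
from decimal import Decimal

# Constructed sample of bridge outflows: (seconds, token, recipient, amount).
# Recipient strings are placeholders, not real addresses.
BURST_AMOUNT = "202440.725413"  # the repeated USDC amount quoted in the article
SAMPLE = (
    [(1000 + 60 * i, "USDC", f"0xRECIPIENT{i % 6:02d}", BURST_AMOUNT) for i in range(8)]
    + [
        (500, "WBTC", "0xRECIPIENT90", "100"),
        (1200, "USDC", "0xRECIPIENT91", "1500.00"),
        (2000, "USDC", "0xRECIPIENT92", "320.5"),
        (90000, "USDC", "0xRECIPIENT93", "320.5"),
    ]
)


def flag_repeated_outflows(transfers, window_s=3600, min_repeats=5, min_recipients=3):
    """Flag exact (token, amount) pairs that leave the bridge repeatedly.

    Returns {(token, amount): (peak_count, peak_distinct_recipients)} for every
    pair seen at least min_repeats times, going to at least min_recipients
    distinct addresses, inside one sliding window of window_s seconds.
    Thresholds are illustrative assumptions and need tuning per bridge.
    """
    recent = defaultdict(deque)  # (token, amount) -> deque of (ts, recipient)
    alerts = {}
    for ts, token, recipient, amount in sorted(transfers):
        key = (token, Decimal(amount))  # Decimal avoids float rounding on amounts
        window = recent[key]
        window.append((ts, recipient))
        # Drop transfers that have aged out of the sliding window.
        while ts - window[0][0] > window_s:
            window.popleft()
        recipients = {addr for _, addr in window}
        if len(window) >= min_repeats and len(recipients) >= min_recipients:
            prev = alerts.get(key, (0, 0))
            alerts[key] = (max(prev[0], len(window)), max(prev[1], len(recipients)))
    return alerts


if __name__ == "__main__":
    for (token, amount), (count, who) in flag_repeated_outflows(SAMPLE).items():
        print(f"ALERT {token} {amount}: {count} identical outflows to {who} recipients")
```

Ordinary bridge traffic rarely repeats one amount to six decimal places across unrelated recipients, which is why the rule keys on the exact value rather than on total volume.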
In the meantime, the Polkadot network’s Moonbeam smart contract platform, whose native GLMR token was one of the targets of the Nomad exploit, went into maintenance mode at 11:18pm UTC “to investigate a security incident.” As a result, Moonbeam functionality such as regular user transactions and smart contract interactions will be disabled.
1/ Important Notice: The Moonbeam Network has gone into Maintenance Mode in order to investigate a security incident with a smart contract deployed on the network.
— Moonbeam Network #HarvestMoonbeam (@MoonbeamNetwork) August 1, 2022
The attack is ill-timed for the bridge and its investors from an April seed funding round. On July 29, the project revealed in a tweet that Coinbase Ventures, OpenSea, and five other major cryptocurrency firms participated in a seed funding round in April that saw Nomad reach a $225 million valuation.
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information set forth herein should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.