The Nomad Token Bridge has suffered a security breach that allowed hundreds of potential attackers to withdraw nearly all of the bridge’s $190.7 million over multiple transactions. A number of white hat hackers also withdrew the crypto for safekeeping intending to give it back as soon as the situation is resolved.
Nomad confirmed the fact that at least some money was taken by white hat hackers for safe keeping, with at least one individual coming forward on Twitter and offering to transfer funds back. According to DeFi tracking platform Llama, only has $10,937 in Ethereum at the time of writing.
The first such transaction happened at 9:32 UTC when 100 WBTC (Wrapped Bitcoin) equalling almost $2.3 million were withdrawn from the bridge. The transaction ended up alerting the community and Nomad Bridge confirmed at 11:35 UTC that there has been a security breach and they’re currently investigating the incident.
Following the first malicious transaction, just about all the tokens the platform supported, including WBTC, Wrapped Ether (WETH), USD Coin (USDC), Frax (FRAX), Covalent Query Token (CQT), Hummingbird Governance Token (HBOT), IAGON (IAG), Dai (DAI), GeroWallet (GERO), Card Starter (CARDS), Saddle DAO (SDL), and Charli3 (C3) have been taken from the bridge.
The entire incident has been slightly different compared to the rest of the exploits we’ve seen this year. Instead of sending all the funds only to a couple of addresses, this time around the attackers have removed each token in almost equal values. The most notable example is USDC transactions, repeated over 200 times for exactly 202,440.725413 USDC.
The attack has raised alarms at other crypto companies as well, with the Moonbeam smart contract platform, whose token GLMR was targeted in the exploit announcing that the network will be going into “Maintenance Mode” in order to investigate a smart contract security incident.
Someone who writes/edits/shoots/hosts all things tech and when he’s not, streams himself racing virtual cars. You can reach out to Yadullah at [email protected], or follow him on Instagram or Twitter.