DeFi Editor's Picks

Nomad Bridge Loses $190M in a Chaotic Copy-Paste Exploit

Nomad Bridge Loses $190M in a Chaotic Copy-Paste Exploit

Nomad has become the latest token bridge attack this year following the high-profile exploits of the Ronin, Wormhole, and Harmony bridge.

Nomad Bridge announced that it was acutely aware of an ongoing exploit in the early hours of August 2. The token bridge for cross-chain transfers between Ethereum, Avalanche, Milkomeda, and Moonbeam got exhausted as its budget of more than $190 million was drained within the following hours of the announcement.

White hat developer and member of the crypto community ‘samczsun’ broke down the sequence of events and provided an explanation. He called this attack “one of the most chaotic hacks that Web3 has ever observed.”

Nomad funds get exhausted 

Nomad’s total locked value has dropped from $190.38 million to $11,173 in the past few hours, according to DefiLlama data.

Nomad Bridge Loses $190M in a Chaotic Copy-Paste Exploit

Researchers uploaded a tweet in the ETHSecurity Telegram channel that showed many transactions of money leaving the bridge, according to Samczsun’s Tweet, which is where the exploits all began.

After some arduous manual research on the Moonbeam network, samczsun found that while the Moonbeam transaction filled 0.01 WBTC, the Ethereum transaction mysteriously filled 100 WBTC. At first inspection, there appeared to be a misconfiguration in the token decimals.

The fact that the transactions were not “proved” and carried out directly distinguishes this exploit from others. Processing information without first confirming it is really bad, according to Samczsun. After doing some additional research, the programmer discovered a deadly weakness in the “Replica” smart contract, which had been initialized during a regular Nomad upgrade.

Related posts

Tether (USDT)’s Market Dominance Goes Past 50% as BUSD Loses Ground

Afroz Ahmad

For two weeks the hackers have made 15 attacks double spending on Vertcoin (VTC)

alfonso

New Zealand Seizes $90m linked to former Bitcoin Exchange Owner

ibrahim