Nomad reportedly ignored security vulnerability that led to $190M exploit

The exploit took place due to a smart contract vulnerability that saw hundreds of users other than the hacker also get involved, taking away as much as they can by simply copy-pasting the transaction data used by the initial hacker and changing the wallet address to theirs. The event was later deemed as a decentralized robbery by many due to the involvement of normal community members.

Later, the Nomad team revealed to Cointelegraph that some of the people who took funds were acting benevolently to protect the crypto from getting into the wrong hands.

In the aftermath of the hack, the crypto analysis group BestBrokers found that the first exploit took place on Aug. 1, which drained 400 Bitcoin (BTC) in four different transactions. The hackers later diverted all 22,880 Ether (ETH), then moved on to the over $107 million worth of stablecoins and finally started diverting the altcoins supported by the project.

The incident has seen WBTC, Wrapped Ether (WETH), USD Coin (USDC), Frax (FRAX), Covalent Query Token (CQT), Hummingbird Governance Token (HBOT), IAGON (IAG), Dai (DAI), GeroWallet (GERO), Card Starter (CARDS), Saddle DAO (SDL) and Charli3 (C3) tokens taken from the bridge.

Related: Ongoing Solana-based wallet hack seeing millions drained

Some altcoins that were stolen from the platform suffered as much as a 94% decline. Data collected by the analysis firm showed that the following altcoins suffered the biggest collapse after the hack:

The smart contract vulnerability that was exploited was highlighted in a security audit report done by Quantstamp in the first week of June. The Nomad team even responded to the vulnerability by claiming it to be “effectively impossible to find the preimage of the empty leaf.”

The auditors believed that the Nomad team has misunderstood the issue at the time, and within two months, the same vulnerability has been the reason behind nearly $200 million in losses.

The Nomad token bridge hack on Aug. 3 was the fourth largest crypto hack in history that saw nearly $200 million worth of crypto assets drained from the platform. However, more than the hack, the methodology behind it garnered widespread attention.

Cointelegraph reached out to Nomad with queries related to the discovery and will update the story accordingly.

All Dutch and English crypto news!

CME Group plans to launch options on ETH futures prior to the Merge

Major derivatives marketplace Chicago Mercantile Exchange Group intends to launch options trading for its Ether futures products. In a Thursday announcement, the CME Group said that...

Blockchain venture capital funding down over 43% in July: Report

Typically a lagging indicator of the sector's health, the explosion of venture funding in the blockchain sector in 2021 and the first half of 2022...

Bitcoin ‘liveliness’ lowest since 2021 amid new 5-year BTC hodl record

Bitcoin (BTC) long-term holders are knuckling down as a record portion of the BTC supply stays dormant for years. Data from on-chain analytics firm Glassnode confirms...

Asia Broadband Inc. seeks to further unite the crypto and gold worlds

Asia Broadband, Inc. wants to further unite cryptocurrency and gold in a bid to improve the company's digital asset development group.   Asia Broadband, Inc. (OTC:AABB) announced...

Beste exchanges

Koop je crypto bij Bitvavo