Sunday, November 27, 2022
HomeETHNomad bridge Hack: White hat hackers restores $32.6 million worth of tokens...

Nomad bridge Hack: White hat hackers restores $32.6 million worth of tokens to the Nomad bridge

Whitehat hackers have subsequently returned around $32.6 million worth of funds, only a few hours after the Nomad token bridge revealed an Ethereum wallet address last week for the return of assets after a heist that stole $190 million. In addition to alternative cryptocurrencies, the great majority of funds were held in stablecoins such as USD Coin (USDC), Tether (USDT), and Frax.

According to research that was recently released by Paul Hoffman of BestBrokers, the vulnerability of the Nomad protocol was brought to light in the most recent audit of Nomad conducted by Quantstamp on June 6 and was rated as “Low Risk.” As soon as the vulnerability was identified, individuals of the general public began to participate in the attack by copying and pasting the first transaction that had been compromised. This activity was analogous to a “decentralised heist.” In less than three hours, more than $190 million worth of bitcoins were stolen from Nomad.

The assault took place just four months after the initiative completed a seed round in April, during which it received $22.4 million. According to what Hoffman has said, the assault took advantage of an incorrectly initialised Merkle root, which is used in cryptocurrencies to guarantee that data blocks transported across a peer-to-peer network are complete and have not been changed. Because of a code fault, every transaction message would be automatically validated as legitimate.

However, there were other participants in the theft who were not taking advantage of the opportunity. Whitehat hackers were able to extract money for the original hacker to use almost immediately after the breach was initiated. They did this by copying the transaction hash used by the original hacker. On the other hand, it is believed that one hacker used their Ethereum Domain Name to launder the stolen assets, which might lead to cross-verification with the Know-Your-Customer information that also uses the domain.

Read more at Cryptoshrypto:
Reporter
Jeewan Singh is CryptoShrypto’s content writer and a seasoned writer with over two years of experience in writing about Indian Securities Market. Jeewan's participation in Blockchain and Cryptocurrency started in late 2020, and he hasn't looked back since. The technical and economic outcomes of cryptocurrency are what spark his curiosity, and he keeps one eye on the market.
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

3 × four =

- Advertisment -

Most Popular