Hackers Loot Blockchain Bridge for Millions In “Frenzied Free For All”

WhatsApp
Telegram
Facebook
Twitter
LinkedIn
Pinterest
Reddit


“One of the most chaotic hacks that Web3 has ever seen.”

That’s Bad

On Monday, hackers exploited a basic vulnerability in the code of Nomad — a crypto “bridge” that allows customers to transfer cryptocurrencies between different blockchains — getting away with roughly $190 million in user investments, CNBC reports.

This hack is just the latest in a string of attacks on crypto bridges, platforms that, according to CNBC, have collectively lost more than $1 billion to hackers in 2022 alone.

Given that Nomad markets itself as a “secure” platform, the company definitely has a lot of explaining to do.

Copy Paste

Though the company has remained tight-lipped about the incident, some analysts have weighed in on what they think went down.

“Nomad just got drained for over $150 million in one of the most chaotic hacks that Web3 has ever seen,” Sam Sun, a researcher at crypto investment firm Paradigm, wrote in a viral Twitter thread.

Sun alleged that the hackers needed very little technical knowledge to execute the heist, which he described in one tweet as a “frenzied free-for-all.”

According to Sun, the hackers simply exploited a coding mistake in a routine software update — a shocking error that allowed bad actors to forge transaction data with a simple copy-paste command.

“All you had to do was find a transaction that worked, find/replace the other person’s address with yours, and then re-broadcast it,” Sun explained.

According to CNBC, Nomad has yet to inform its users if they’ll be reimbursed — but given the industry’s track record, users should be ready to call their lost investments a write-off.

READ MORE: Hackers drain nearly $200 million from crypto startup in ‘free-for-all’ attack [CNBC]

More on crypto hacks: Wildly Overconfident Crypto.Com Bros Admit That Hackers Stole $30 Million of Its Money





Source link

Share it with your friends

WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit
Crowded Hell

Crowded Hell

Leave a Reply

Your email address will not be published.