Cross-Chain Bridge Nomad Loses $190 Million, Making It the Third Biggest Crypto Heist of 2022 – Bitcoin News - India Blogger

On Monday, cross-chain token Bridge Nomad was attacked and hackers managed to embezzle $190 million from the protocol, leading to the withdrawal of most of the funds. The Nomad cross-chain bridge attack was the third largest crypto heist of 2022, and the ninth largest ever.

Nomad Cross-Chain Bridge Exploited for $190 Million

In the world of decentralized finance (DeFi) cross-chain bridges simply cannot catch a break, no matter how long they have been in operation and even after the bridges are audited. On August 1, 2022, cross-chain bridge Nomad suffered an attack that caused the bridge to lose $190 million in crypto funds. Security experts from blockchain auditing firm Certic published an incident report detailing what happened.

“The vulnerability was in the initialization process where the “commit root” is set as zero,” Certik wrote. “Therefore, the attackers were able to bypass the message verification process and extract the token from the bridge contract,” Certik said, noting:

The exploit occurred when a routine upgrade allowed the verification messages on Nomad to be bypassed. Attackers abused it to copy/paste transactions and were able to eliminate almost all of the bridge of funds before it was stopped.

The number of crypto project attacks by month, according to Comparitech researchers.

Cross-chain bridges have been plagued by exploit after exploit since they were first introduced. At the end of March, $620 million was stolen from Axie Infinity’s Ronin Bridge in the biggest hack of 2022. Researchers at Comparitech elaborated that the Nomad Bridge attack was the third biggest breach of the year, according to the research firm’s crypto heist tracker. While Nomad was connected to various blockchain networks, Emin Gun Sirer, founder and CEO of AVA Labs, tweeted about the incident and said that the AVAX bridge was secure.

“The Nomad Bridge Used by Non-Avalanche Chains Was Hacked Today,” Gunn Sirer wrote, “Nomad was the official bridge for EVMOS (Cosmos EVM), Moonbeam (Polkadot EVM), and Milkomeda (another EVM) – the avalanche bridge is unaffected.”

Nomad raised $22 million in April after blockchain security company Certic said this particular bug would be ‘difficult to find under traditional auditing practices’

The attack against Nomad Bridge follows a project to raise approximately $22.4 million in seed funding in a funding round led by Polychain Capital. Other strategic investors that helped Nomad raise funds include 1kx, Ether Ventures, Hack.vc, Circle Ventures, Ember, Robot Ventures, Hypersphere, Figment, Dialectic, Archetype and Laserprime. While a comprehensive audit could find the Nomad Bridge vulnerability, Certic’s blockchain and smart contract auditors say the attack may be more difficult to spot in a traditional audit.

“This type of issue would be difficult to find under traditional auditing practices that assume all deployment configurations are correct, as this particular bug was introduced by mistakes in deployment parameters,” concludes Certik’s report on the Nomad situation. “However, a comprehensive auditing process and full-scope penetration testing that includes validating deployment processes will potentially catch this bug,” the auditors said.

Tags in this story

$22 million, ember, archetype, bridge, bug, certificate, certificate auditor, certificate audit, circle ventures, comparitech, comparitech researchers, cross-chain bridge, cross-chain bridge hacks, crypto heist, defi vulnerability, defi vulnerability, dialectic, emin Gun Serer, Exploit, Figment, Hypersphere, Laserprime, Nomad, Nomad Bridge, Nomad Cross-Chain Bridge, Nomad Theft, Robot Ventures, Stolen Crypto, 3rd Biggest Robbery

What do you think about the recent cross-chain exploit against Nomad Bridge? Let us know what you think about this topic in the comment section below.

Jamie Redmayne

Jamie Redmayne is the News Lead at Bitcoin.com News and a financial tech journalist based in Florida. Redmayne has been an active member of the cryptocurrency community since 2011. He has a passion for bitcoin, open-source code, and decentralized applications. Since September 2015, Redmayne has written over 5,700 articles for Bitcoin.com News about the disruptive protocols emerging today.

image credit: Shutterstock, Pixabay, WikiCommons, Comparitech,

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation or recommendation or endorsement of an offer to buy or sell any products, services, or companies. Bitcoin.com does not provide investment, tax, legal or accounting advice. Neither the Company nor the author is responsible, directly or indirectly, for any damage or loss alleged to be caused by or in connection with the use or reliance on any materials, goods or services mentioned in this article.

Baca juga

Post a Comment