$200 Million Crypto Heist Is One of the ‘Most Chaotic Hacks’ in Web3 History

Another massive hack has rocked the crypto world amid what has been dubbed the “crypto winter” season.

An estimated $200 million was stolen from crypto startup Nomad, a platform that allows users to move and trade tokens between the Avalanche, Ethereum, Evmos, Moonbeam and Milkomedia C1 blockchains.

“We are working around the clock to address the situation and have notified law enforcement and retained leading companies for blockchain intelligence and forensics,” Nomad said. told users via Twitter on Tuesday morning. “Our goal is to identify the accounts involved and trace and recover the funds.”

It wasn’t revealed whether or not customers would be refunded if the funds weren’t recovered, though Nomad said it would provide further instructions via Twitter about what’s involved. being called one of the “most chaotic hacks Web3 has ever seen”.

While it’s unclear how the cyberattack occurred, it appears to have started with a change to the platform’s code.

Nomad is known in the crypto world as a Bridge, which allows users to transfer tokens from one blockchain to another by locking them into what’s called a “smart contract” on the first chain before transferring them.

According to Twitter user and crypto researcher @samczsun, updating Nomad’s smart contract code allowed hackers to start taking money from Nomad that wasn’t actually theirs.

“A routine update marked hash zero as a valid root, which had the effect of allowing messages to be forged in Nomad,” the researcher said. he wrote Twitter. “Attackers abused this to copy/paste transactions and quickly exhausted the bridge in a frenzied free-for-all.”

CoinDesk noted that attacks on crypto bridges have become more common recently, as many users have indicated an interest in moving their coins from one blockchain to another.

Earlier this summer, crypto Horizon lost over $100 million to hackers. Horizon is a bridge that allows users to move Ethereum coins to Binance Smart Chain.

In April, a bridge called Ronin lost a whopping $450 million in crypto in an attack on its services.

The series of hacks on Bridges show just one side of the dangers in the world of decentralized finance, leaving many wondering how, without regulation, there will ever be a sense of security when it comes to cryptocurrency.

Source link

Leave a Comment