Hackers Stolen $190 million from Crypto Startup in ‘free-for-all’ Attack

Hackers have stolen nearly $200 million in crypto from the Nomad blockchain bridge, CNBC reported, citing sources.

“We are aware of the incident related to the Nomad Token Bridge. We are currently investigating and will provide an update when we have it,” the organization said.

Later, the developers published a record that confirmed that the attackers managed to steal digital assets. “We are working around the clock to resolve the current situation, and also notified law enforcement agencies about the incident and involved leading blockchain analysis and expertise companies in the investigation. Our goal is to identify the funds involved, track them down and return them,” Nomad said in a statement.

Blockchain security experts described the exploit as “free for everyone.” Anyone who knew about the exploit and how it worked could exploit the vulnerability and withdraw some tokens from Nomad, a kind of ATM that ejects money at the push of a button.

It is noted that it is not entirely clear how the attack was organized, and whether Nomad plans to reimburse users who lost tokens.

According to available data, after updating the platform in part of the Nomad code, a bug occurred that allowed the withdrawal of more assets than was deposited on it.

According to PeckShield, at first, the hacker who discovered the problem quickly stole nearly $95 million. As news of the original exploits spread through crypto circles, other attackers rushed to join in. Within an hour, over 300 addresses received funds from Nomad.

PeckShield estimates that 41 of them took $152 million, equivalent to 80% of the stolen funds from the Nomad gateway.

Nomad is a cross-chain bridge, a tool that allows users to move ERC-20 tokens between Ethereum, Moonbeam, Evmos, and Avalanche. It is one of several bridge services available in the crypto industry.