Hacker Returns $9M to Nomad After Draining Over $190M

Nomad exploit was one of the biggest cryptocurrency hacks in history. As a result, over $190 million worth of funds were drained. It was branded as “one of the most chaotic hacks that Web3 has ever seen.”

PeckShield has detected the recovery of $9 million in different crypto-assets to the cross-chain bridge. As per the company’s findings, a majority of the funds were returned in the form of USDC stablecoin followed by USDT, and other altcoins.

Nomad’s Appeal to Return Funds

The exploit occurred due to a flaw in the smart contract. This drove hundreds of users, with no technical knowledge, to find a transaction that worked, modify the target address with their own, and rebroadcast it. Basically, copy-pasting the steps followed by the original hacker. The nature of the event led anonymous Terra researcher FatMan to deem the attack as “the first decentralized robbery.”

The team later confirmed that some users who raked in funds were, in fact, trying to help the project by preventing the crypto to fall into wrong hands. Nomad then urged white hat hackers and ethical researchers to return the tokens.

The blockchain security firm, PeckShield, noted that nearly 3.78 million USDC, 2 million USDT, 15.8 million CQT (approx. $1.38 million), $1.28 million FRAX (approx. $1.2 million), 100 ETH (approx. $164k), 200 WETH (approx. $328k) were recovered. More than 50% of stolen funds still sit on 3 main addresses.


ADVERTISEMENT

Nomad has announced receiving $22.4 million in a seed round from industry giants Coinbase Ventures, OpenSea, CryptoCom Capital, Polygon, Gnosis, Polygon, etc., just a few days before the security breach. The team is currently working with a leading intelligence firm, TRM Labs, as well as law enforcement to trace the stolen funds and identify the recipient wallets.

Major Red Flag Ignored

As investigations continue, reports about a lapse from Nomad’s side have cropped up. According to crypto analysis group BestBrokers, the vulnerability that was exploited by the attackers was allegedly highlighted in a Security Audit Report done by Quantstamp on 6th June 2022.

It was reportedly deemed as “Low Risk.” The Nomad team even responded by saying – “We consider it to be effectively impossible to find the preimage of the empty leaf.”

CryptoPotato has reached out to Nomad regarding the development and will update the story accordingly.

SPECIAL OFFER (Sponsored)

Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).

PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.

You Might Also Like: