White Hat Hackers Return $9M Following $200M Nomad Bridge Exploit

According to a PeckShield report, white hat hackers have returned around $9 million of stolen Nomad bridge crypto tokens, a day after its $200 million exploit.

Be[In]Crypto had reported that the attack that took place on August 1 targeted almost $200 million in WETH and WBTC tokens. Soon after which, Nomad released a wallet address in order to reclaim money that had been safeguarded by ethical hackers during the attack.

Nomad Bridge Funds Recovery Process

Dear white hat hackers and ethical researcher friends who have been safeguarding ETH/ERC-20 tokens,

Please send the funds to the following wallet address on Ethereum: 0x94A84433101A10aEda762968f6995c574D1bF154 pic.twitter.com/UF623JSZ8u

— Nomad (⤭⛓🏛) (@nomadxyz_) August 3, 2022

The release also reiterated that “this is the ONLY official funds recovery address,” confirming that it has partnered with custodian bank Anchorage Digital to accept and safeguard the returned tokens.

Ethical hackers return funds in ETH, USDC, USDT, etc.

PeckShield detected that the $9 million that has returned include 100 ETH tokens that come close to $164,000 in market value. In addition, the funds also include around 3.78 million in USDC stablecoin, 2 million in USDT stablecoin, 15.8 million CQT covalent query token amounting close to $1.38 million, 1.2 million FRAX amounting to around $1.2 million, 200 WETH amounting around $328,000 in fiat and 150,000 DAI stablecoin among other crypto tokens.

PeckShield had earlier stated that six white hat hackers have gone to safeguard over $8 million, with around $7 million with seven Maximal Extractable Value (MEV) bots sitting on over $7 million.

The security firm has estimated that three prime addresses still house about 50% of the stolen crypto. And 10% of these hackers, with around $6 million in stolen funds, have Ethereum Name Service (ENS) domain addresses. That said, the Nomad team has reaffirmed that they are actively collaborating with law enforcement and a top chain analysis company, TRM Labs, to find the funds.

Nomad heist among top 10 biggest hacks so far

Meanwhile security firm Elliptic has called it the eighth biggest crypto heist so far. The firm explained in a blog post on Wednesday that the attackers used a coding flaw to spoof transactions and drain most of the funds in Nomad’s Ethereum contract.

🚨 The Nomad cross-chain bridge hack is the 8th largest crypto theft ever. Elliptic has identified over 40 exploiters with the most prolific gaining almost $42m. Wallets used to initiate previous DeFi thefts are among those involved in this exploit. https://t.co/iH4SlwdJWE pic.twitter.com/IlPudKkzem

— elliptic (@elliptic) August 2, 2022

This was allowed by a recent modification to Nomad’s smart contract, the post stated, allowing attackers to falsely claim ownership of collateral within the bridge.

Elliptic stated, “The initial exploiter utilized the vulnerability to bridge 0.1 Wrapped Bitcoin (WBTC) through the Moonbeam blockchain – ending up with 100 WBTC ($2.3 million) on Ethereum.”

What do you think about this subject? Write to us and tell us!