White Hat Hackers Return $9M Following $200M Nomad Bridge Exploit

According to a PeckShield report, white hat hackers have returned around $9 million of stolen Nomad bridge crypto tokens, a day after its $200 million exploit.

Be[In]Crypto had reported that the attack that took place on August 1 targeted almost $200 million in WETH and WBTC tokens. Soon after which, Nomad released a wallet address in order to reclaim money that had been safeguarded by ethical hackers during the attack.

The release also reiterated that “this is the ONLY official funds recovery address,” confirming that it has partnered with custodian bank Anchorage Digital to accept and safeguard the returned tokens.

Ethical hackers return funds in ETH, USDC, USDT, etc.

PeckShield detected that the $9 million that has returned include 100 ETH tokens that come close to $164,000 in market value. In addition, the funds also include around 3.78 million in USDC stablecoin, 2 million in USDT stablecoin, 15.8 million CQT covalent query token amounting close to $1.38 million, 1.2 million FRAX amounting to around $1.2 million, 200 WETH amounting around $328,000 in fiat and 150,000 DAI stablecoin among other crypto tokens.

PeckShield had earlier stated that six white hat hackers have gone to safeguard over $8 million, with around $7 million with seven Maximal Extractable Value (MEV) bots sitting on over $7 million.

The security firm has estimated that three prime addresses still house about 50% of the stolen crypto. And 10% of these hackers, with around $6 million in stolen funds, have Ethereum Name Service (ENS) domain addresses. That said, the Nomad team has reaffirmed that they are actively collaborating with law enforcement and a top chain analysis company, TRM Labs, to find the funds.

Nomad heist among top 10 biggest hacks so far

Meanwhile security firm Elliptic has called it the eighth biggest crypto heist so far. The firm explained in a blog post on Wednesday that the attackers used a coding flaw to spoof transactions and drain most of the funds in Nomad’s Ethereum contract.

This was allowed by a recent modification to Nomad’s smart contract, the post stated, allowing attackers to falsely claim ownership of collateral within the bridge.

Elliptic stated, “The initial exploiter utilized the vulnerability to bridge 0.1 Wrapped Bitcoin (WBTC) through the Moonbeam blockchain – ending up with 100 WBTC ($2.3 million) on Ethereum.”

What do you think about this subject? Write to us and tell us!


All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.

Share Article

Shraddha is an India-based journalist who worked in business and financial news before diving into the crypto space. As an investment enthusiast, she has also has a keen interest in understanding crypto from a personal finance standpoint.

Follow Author