Nomad, a cross-chain token bridge, has lost almost $200 million following a recent hack. The hack in question took place after Nomad pushed out an update that essentially made it easier for users to falsify transactions and withdraw funds that weren't theirs.
Once this exploit was discovered, word spread and hackers rushed to Nomad in a free-for-all grab. Nomad has since noted in a statement made to Coindesk that law enforcement has been contacted and an investigation into the accounts involved is ongoing.
10/ It turns out that during a routine upgrade, the Nomad team initialized the trusted root to be 0x00. To be clear, using zero values as initialization values is a common practice. Unfortunately, in this case it had a tiny side effect of auto-proving every message pic.twitter.com/fA3XbNW9qT— samczsun (@samczsun) August 2, 2022
To help further understand how a hack of this magnitude could happen, there’s an enlightening Twitter thread from Paradigm security researcher Samczun that elaborates on how users managed to swipe nearly $200 million from Nomad.
Another interesting detail, as reported by PC Gamer, is that five days prior to the Nomad hack the company had actually raised $22.4 million in a seed round with investors including the likes of Coinbase Ventures, Crypto.com, and OpenSea. With this seed round, Nomad had been valued at approximately $225 million.
Now that you’re caught up on what’s happening with Nomad, we’re curious to hear your thoughts. Do you know anyone affected by the Nomad hack? Let us know in Chatty! For more on everything crypto also be sure to check out some of our previous coverage including how the SEC recently probed Coinbase (COIN) over US digital asset trading.
Morgan Shaver posted a new article, Nomad crypto bridge hack leads to nearly $200 million loss
I just sat in on a conversation with two crypto dudes that were deep into it, talking about node distance algorithms and such. I know they’re really smart guys but I wonder to what extent all the lingo and math around crypto does it just serve to make smart guys feel even smarter?
Smart people can still make stupid decisions.