Nomad Bridge loses $190 million in chaotic copy-paste attack

In the early hours of August 2, Nomad bridge posted an alert that it was aware of an ongoing exploit. Over the next few hours, more than $190 million, nearly all of the protocol's funds, was drained.

Crypto community developer and white hat “samczsun” broke down the chain of events, explaining what happened. He called the attack “one of the most confusing hacks Web3 has ever seen.”

Nomad is a token bridge for cross-chain transfers between Ethereum, Avalanche, Milkomeda and Moonbeam.

Nomad's funds run out

The researcher shared a tweet from the ETHSecurity Telegram channel showing multiple fund transfers leaving the bridge. At first glance this appeared to be a misconfiguration of token decimals, but samczsun found otherwise:

“However, after some painful manual mining on the Moonbeam network, I confirmed that while the Moonbeam transaction did bridge 0.01 WBTC, somehow the Ethereum transaction bridged 100 WBTC.”

What set this exploit apart was that the transaction was executed directly without first being “proven”. “Being able to process a message without first proving it is very bad,” samczsun said. Digging further, the researchers found a fatal flaw in a “replica” smart contract that had been initialized during a routine Nomad upgrade.

It’s confusing because the crypto thieves didn’t need any technical knowledge, he added. They just needed to find a valid transaction, replace the destination address with their own, and rebroadcast it.

“Routine escalation marks zero hash as a valid root, which has the effect of allowing messages to be spoofed on Nomad. Attackers abuse it to copy/paste transactions and quickly drain bridges in frantic dogfights,” he wrote.
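The zero-root flaw described above, as an added illustration modelled in Python rather than Nomad's own contract code (the class, field and message names are assumptions): an unproven message carries the default zero root, so marking that root as trusted during initialization lets a copied message with a swapped recipient execute, while the corrected check rejects it.

```python
"""Simplified model of the "replica" acceptance check the article describes.
Added illustration, not Nomad's code: class, field and message names are
assumptions. Shows why trusting the zero root admits unproven messages."""
import hashlib
from dataclasses import dataclass, field

ZERO_ROOT = b"\x00" * 32  # default value of an unset storage slot


def message_hash(message: dict) -> bytes:
    return hashlib.sha256(repr(sorted(message.items())).encode()).digest()


@dataclass
class Replica:
    # message hash -> Merkle root it was proven against (unset == ZERO_ROOT)
    messages: dict = field(default_factory=dict)
    # root -> block time from which that root is trusted (unset == 0)
    confirm_at: dict = field(default_factory=dict)
    now: int = 1_000
    reject_zero_root: bool = False  # the fix: never trust the zero root

    def initialize(self, trusted_root: bytes) -> None:
        # The faulty upgrade passed the zero hash here, marking it trusted.
        self.confirm_at[trusted_root] = 1

    def acceptable_root(self, root: bytes) -> bool:
        if self.reject_zero_root and root == ZERO_ROOT:
            return False
        t = self.confirm_at.get(root, 0)
        return t != 0 and self.now >= t

    def process(self, message: dict) -> bool:
        """True if the message would be executed on the destination chain."""
        root = self.messages.get(message_hash(message), ZERO_ROOT)
        return self.acceptable_root(root)  # unproven message -> zero root


def copy_paste(legit: dict, new_recipient: str) -> dict:
    """The article's copy/paste: a valid message with the recipient swapped."""
    return {**legit, "recipient": new_recipient}


# Constructed sample message; values are illustrative only.
LEGIT = {"token": "WBTC", "amount": 1_000_000, "recipient": "0xVictim"}


def run(reject_zero_root: bool) -> bool:
    replica = Replica(reject_zero_root=reject_zero_root)
    replica.initialize(ZERO_ROOT)  # the misconfigured upgrade
    forged = copy_paste(LEGIT, "0xAttacker")
    return replica.process(forged)  # never proven against any root
```

`run(False)` reproduces the faulty behaviour and returns True; `run(True)` applies the corrected check and returns False, while a message genuinely proven against a confirmed root still passes.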

TVL reset to zero

Nomad also discovered fraudulent addresses attempting to capture funds being returned to the bridge.

According to DefiLlama, Nomad’s total value locked plummeted from $190.38 million to $5,336 within a few hours.

Nomad is the latest token bridge attacked this year, following high-profile attacks on Ronin Bridge, Wormhole and Harmony.
