Cryptocurrency provider Nomad is offering a “bounty” to anyone who recovers assets that were taken from the business on Monday in a roughly $200 million theft.
Nomad promised not to file lawsuits against parties that restore at least 90% of the money and said it would refund up to 10% of the digital funds stolen by hackers.
“The most important thing in crypto is community, and our No. 1 goal is restoring bridged user funds,” Nomad CEO Pranay Mohan said in a statement. “To support that effort, we will treat any party who returns 90% or more of exploited funds as a white hat. We will not prosecute white hats.”
Update: Nomad Bridge Hack Bounty
(see below for details)
Please send the funds to the official Nomad recovery wallet address on Ethereum: 0x94A84433101A10aEda762968f6995c574bF154 https://t.co/8gO1xVl5IC pic.twitter.com/8D7SvbDQlO
— Nomad (⤭⛓🏛) (@nomadxyz_) August 4, 2022
In a Medium post, the company provided information on how to return the stolen cryptocurrency. When white hats return funds, “Nomad is working closely with law enforcement and will push for no criminal charges,” Nomad added.
Hackers siphoned off the virtual funds in a matter of hours during the attack on Nomad, which began on Monday and continued until Tuesday morning. The company said it has since received $20 million back.
Nomad runs a “blockchain bridge,” which enables users to transfer tokens between blockchains, addressing the lack of interoperability between different kinds of cryptocurrency. However, these technologically advanced systems have been vulnerable to attacks, with hackers thus far in 2022 exploiting security flaws to steal more than $1 billion in assets.
A security researcher on Twitter described the Nomad attack as “chaotic” and a “free-for-all,” with people swarming to drain the accounts after realizing that a security flaw meant that if they could find a legitimate transaction request, they could effectively replace the other person’s address with their own and redirect assets to their own accounts.
12/ tl;dr a routine upgrade marked the zero hash as a valid root, which had the effect of allowing messages to be spoofed on Nomad. Attackers abused this to copy/paste transactions and quickly drained the bridge in a frenzied free-for-all
— samczsun (@samczsun) August 2, 2022
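A simplified Python model of the flaw described in the thread above, added here as an illustration and not Nomad's contract code; the class, the method names and the `reject_zero_root` guard are assumptions made for the example. It shows why trusting the zero hash as a root makes every never-proven message look valid, and how one explicit check closes that path.

```python
import hashlib

ZERO = b"\x00" * 32  # value an unset 32-byte storage slot reads back as


class Replica:
    """Toy bridge inbox: a message is processed only if its root is trusted."""

    def __init__(self, committed_root, reject_zero_root=False):
        self.confirm_at = {}  # root -> time from which the root is trusted
        self.proven = {}      # message hash -> root it was proven against
        self.reject_zero_root = reject_zero_root  # hypothetical hardening flag
        # Initialisation/upgrade step: the supplied root becomes trusted.
        self.confirm_at[committed_root] = 1

    def prove(self, message, root):
        # Stand-in for Merkle proof verification (no real proof is checked
        # here): records which root the message was proven under.
        self.proven[hashlib.sha256(message).digest()] = root

    def acceptable_root(self, root, now):
        if self.reject_zero_root and root == ZERO:
            return False  # never treat the default value as a trusted root
        t = self.confirm_at.get(root, 0)  # unknown roots read as 0
        return t != 0 and t <= now

    def process(self, message, now=100):
        # A message that was never proven reads back the default root, ZERO.
        root = self.proven.get(hashlib.sha256(message).digest(), ZERO)
        return self.acceptable_root(root, now)


def scenarios():
    real_root = hashlib.sha256(b"constructed sample root").digest()

    healthy = Replica(real_root)
    healthy.prove(b"legitimate transfer", real_root)

    misconfigured = Replica(ZERO)  # upgrade marked the zero hash as valid
    hardened = Replica(ZERO, reject_zero_root=True)

    return {
        "healthy_accepts_proven": healthy.process(b"legitimate transfer"),
        "healthy_accepts_unproven": healthy.process(b"copied transfer"),
        "misconfigured_accepts_unproven": misconfigured.process(b"copied transfer"),
        "hardened_accepts_unproven": hardened.process(b"copied transfer"),
    }


if __name__ == "__main__":
    for name, accepted in scenarios().items():
        print(f"{name}: {accepted}")
```

The same default-value collision is worth checking wherever "not set" and "trusted" can share a value, and rejecting the zero root at initialisation time is an equally valid place for the guard.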
“Impersonators acting as Nomad and offering false addresses to collect payments,” Nomad claimed, were at fault.
The theft comes after Harmony, a blockchain bridge, was hacked in June and lost around $100 million. These bridges are regularly targeted by cybercriminals as they are thought to be particularly susceptible to attacks, in part due to their relative youth and unavoidable faults. The $320 million Wormhole hack from February and the over $600 million Ronin Network hack from March are other recent examples.
According to Elliptic, bridges are especially prone to theft because they hold numerous cryptocurrencies, which makes them attractive targets for hackers, and because they lack decentralization and monitoring. According to the group, some bridges need only a few signatures to approve a transaction, and some services have compromised security as a result of their rapid growth.