Security company PeckShield Inc. estimates that Nomad, a bridge technology for transferring cryptocurrency tokens between several blockchains, lost close to $200 million on Monday due to a security flaw. Blockchain data reveals that different accounts withdrew money from the software system in small batches and over the course of several hours.
“An investigation is ongoing and leading firms for blockchain intelligence and forensics have been retained,” the company said in a statement. “Nomad’s goal is to identify the accounts involved and to trace and recover the funds.”
The attack makes Nomad the latest bridge to suffer an exploit this year. Bridges are software that enable different types of blockchains and their respective tokens to interoperate, rather than work in silos.
They have become frequent victims of hacks in recent years, with more than $1 billion stolen from bridges in 2022, according to a June report by forensics firm Elliptic.
Axie Infinity’s Ronin bridge lost about $600 million in March and Harmony’s Horizon was drained of $100 million in June.
The hack comes days after Nomad announced the full list of investors in its $22 million seed round, which was led by Polychain Capital, with participation from backers including Ethereal Ventures, Hack VC, Coinbase Ventures and Crypto.com Capital.
Nomad, which describes itself as a “security-first” cross-chain messaging protocol, had a vulnerability in its code that allowed attackers to broadcast fake messages and drain funds, PeckShield said.
One of the exploiters on Nomad was also involved in the $80 million hack from Rari Capital’s Fuse platform from April, according to PeckShield.
About Author
