Cross-chain bridge Nomad hacked, $191 million stolen

The cross-chain bridge allows transfers between Avalanche (AVAX), Ethereum (ETH), Evmos (EVMOS), Milkomeda C1 and Moonbeam (GLMR).

In a major hack involving a cryptocurrency project, impersonators on Tuesday drained the cross-chain bridge Nomad of about $191 million, nearly emptying it of funds.

The cross-chain bridge allows transfers between Avalanche (AVAX), Ethereum (ETH), Evmos (EVMOS), Milkomeda C1 and Moonbeam (GLMR).

$190.7 million stolen

According to aggregator DeFi TVL and analytics provider DefiLlama, the total amount taken stood at $190.7 million.

After the hack, the total value locked with the project is $5,900, according to DefiLlama.

At 9.32 UTC, 100 Wrapped Bitcoin (WBTC) worth $2.3 million were withdrawn from Nomad in the first unauthorised transaction.

Even as the community raised an alarm of an exploit, Nomad stated that it knew of the incident involving the Nomad token bridge and that it was investigating and would provide updates in due course.

“We’re aware of impersonators posing as Nomad and providing fraudulent addresses to collect funds. We aren’t yet providing instructions to return bridge funds. Disregard comms from all channels other than Nomad’s official channel: @nomadxyz,” Nomad stated.

IAGON (IAG), Dai (DAI), GeroWallet (GERO), Card Starter (CARDS), Saddle DAO (SDL) and Charli3 (C3) are among the tokens that were taken, along with WBTC, Wrapped Ether (WETH), USD Coin (USDC), Frax (FRAX), Covalent Query Token (CQT), Hummingbird Governance Token (HBOT), IAGON (IAG) and Dai (C3).

Funds transferred to hundreds of addresses

Notably, in contrast to earlier attacks, hundreds of addresses received money from the bridge as a result of this hack.

In addition, the Moonbeam smart contract platform (GLMR) entered maintenance at 11.18 PM UTC. This was carried out to look into a possible security issue.

The operation will turn off all of Moonbeam’s features, including communications between smart contracts and customary user transactions.

Nomad releases names of investors in seed round

A few days earlier, Nomad made public the full list of investors who contributed to its $22-million seed round. These investors included reputed names like Polychain Capital, Wintermute, Coinbase Ventures and Wintermute.

Cross-chain bridges under attack

Cross-chain bridges have of late been attacked a number of times by hackers.

Recently, concentrated liquidity pool Crema Finance suffered an exploit that resulted in over $9 million being stolen. After intense negotiations, the hacker agreed to return most of the funds for a $1.6-million bounty.

Also, Layer 1 blockchain protocol Harmony Protocol suffered a theft on the Horizon bridge, amounting to around $100 million in which tokens including WETH, AAVE, SUSHI, DAI, Tether (USDT) and USD Coin were stolen. The hacker rejected a $1-million bounty offered as part of negotiations.

In January this year, Qubit Finance’s bridge was hacked for $80 million and a month later, bad actors stole $320 million from the Wormhole bridge.

In March, $622 million worth of Ethereum and USDC were stolen from Axie Infinity’s Ronin bridge.