Ethical Hackers Return $9 Million USD to Nomad Crypto Bridge Protocol
After Nomad published its wallet address for those drained funds to be returned – but leaves the question of whether more can be recovered.
On Wednesday, August 3, blockchain security company PeckShield reported that the hackers responsible for stealing $190 million USD from the crypto bridge protocol Nomad just a day before, returned $9 million USD to a wallet address belonging to Nomad.
#PeckShieldAlert PeckShield has detected ～$9m has returned into @nomadxyz_ Funds Recovery Address, including 100 $ETH (~$164k) from address with ENS name bitliq.eth, ~3.78m $USDC, ~2m $USDT, ~15.8m $CQT (~$1.38m), ~1.2m $FRAX (~$1.2m), 200 $WETH (~328k), ~150k $DAI and etc. pic.twitter.com/Bpyjt7jnek
— PeckShieldAlert (@PeckShieldAlert) August 3, 2022
Nomad, a cross-chain bridge, which allows users to transfer tokens from Ethereum to other blockchains, shared the news of the attack on Tuesday, tweeting that it was “aware of the incident” and was currently investigating it, but didn’t provide much information beyond that.
Those who indicated they drained funds claimed they were “white hat hackers” trying to keep the funds safe until a wallet address was provided, according to Gizmodo. A Nomad representative also told CoinTelegraph that they were grateful for those white hatters who were helping to safeguard the crypto.
On Wednesday, Nomad sent out a tweet requesting that those “white hat hackers” and “ethical researchers” behind the “free-for-all” attack return the funds to a wallet address Nomad provided.
As of press time, the majority of funds sent back to the San Francisco-based protocol amounted to $3.8 million (USD) of USDC and $2 million (USD) of USDT.
Reports indicate that Nomad is now working with law enforcement and blockchain forensics firms to trace the hackers responsible for the cybersecurity attack. As part of the recovery process, Nomad says it’s also working to patch the vulnerability that led to Tuesday’s massive theft.
“We are actively working with a leading chain analysis firm and law enforcement to trace funds. All involved are prepared to take necessary action in the coming days,” the statement read. “If you took ETH/ERC-20 tokens with the intention of returning them, we now have a process for you to do so,” it continued.
A CoinDesk report also shared that crypto custodian Anchorage Digital will be handling and safeguarding the returned assets. While Nomad’s massive hack demonstrates yet another case study of how vulnerable everyone in this space truly is, it certainly isn’t the largest hack to happen in the industry.
To date, over $1.8 billion USD has been stolen from bridges, with the majority of those attacks happening in 2022, according to Elliptic.
In March, Axie Infinity’s Ronin Bridge lost more than $625 million USD, which was considered to be the largest flash loan attack to date. Axie Infinity’s parent company, Sky Mavis, announced in June that it had successfully restarted the Ronin Bridge after internal and external audits were conducted by blockchain security firms Verichains and Certik.
In other Web3 news, Michael Saylor Bets Big on Bitcoin and Steps Down as MicroStrategy CEO.