{"id":480216,"date":"2022-08-02T03:28:40","date_gmt":"2022-08-02T00:28:40","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/nomad-token-bridge-drained-of-190m-in-funds-in-security-exploit\/"},"modified":"2022-08-02T03:28:40","modified_gmt":"2022-08-02T00:28:40","slug":"nomad-token-bridge-drained-of-190m-in-funds-in-security-exploit","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/nomad-token-bridge-drained-of-190m-in-funds-in-security-exploit\/","title":{"rendered":"# Nomad token bridge drained of $190M in funds in security exploit"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2fcd1e8329f\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2fcd1e8329f\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/nomad-token-bridge-drained-of-190m-in-funds-in-security-exploit\/#%E2%80%9D_Nomad_token_bridge_drained_of_190M_in_funds_in_security_exploit_%E2%80%9C\" >&#8221; Nomad token bridge drained of $190M in funds in security exploit &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Nomad_token_bridge_drained_of_190M_in_funds_in_security_exploit_%E2%80%9C\"><\/span>&#8221; Nomad token bridge drained of $190M in funds in security exploit &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div class=\"post-content\" data-v-28d77a7a>The Nomad token bridge <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ears to have experienced a security exploit that has allowed hackers to systematically drain the bridge\u2019s funds over a long <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/watch-movies-tv-seriess\/\" data-internallinksmanager029f6b8e52c=\"8\" title=\"Watch Movies &amp; TV Series\" target=\"_blank\" rel=\"noopener\">series<\/a> of transactions.<\/p>\n<p>Nearly the entire $190.7 million in crypto has been removed from the bridge, with only\u00a0$651.54 left remaining in the wallet,\u00a0according to decentralized finance (DeFi) tracking platform <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/defillama.com\/protocol\/nomad\">DeFi<\/a> Llama.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Nomad bridge is getting drained, your funds might be at risk and might be able to still withdraw the remaining funds \u26a0\ufe0f <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/RgYmjSV9eB\">https:\/\/t.co\/RgYmjSV9eB<\/a><\/p>\n<p>\u2014 stani.lens (,) (@StaniKulechov) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/StaniKulechov\/status\/1554239044653121536?ref_src=twsrc%5Etfw\">August 1, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nThe first suspicious <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/etherscan.io\/tokentxns?a=0x88a69b4e698a4b090df6cf5bd7b2d47325ad30a3&amp;ps=100&amp;p=6\">transaction<\/a>, which may have been the genesis of the ongoing exploit, came at 9:32pm UTC when someone managed to remove 100 Wrapped Bitcoin (WBTC) worth about $2.3 million tokens from the bridge. <\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/s3.cointelegraph.com\/uploads\/2022-08\/df641b47-7e7a-40e5-aa54-4c832be43974.PNG\"><\/figure>\n<p>Shortly after the community raised alarm bells over the potential exploit, the Nomad team confirmed at 11:35pm UTC that it was aware of the &#8220;incident involving the Nomad token bridge&#8221; adding it is &#8220;currently investigating the incident.&#8221;\u00a0The team did not im<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">media<\/a>tely respond to a request for comment.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">We are aware of the incident involving the Nomad token bridge. We are currently investigating and will provide updates when we have them.<\/p>\n<p>\u2014 Nomad (\u292d\u26d3) (@nomadxyz_) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/nomadxyz_\/status\/1554246853348036608?ref_src=twsrc%5Etfw\">August 1, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The incident has seen WBTC, Wrapped Ether (WETH), USD Coin (USDC), Frax (FRAX), Covalent Query Token (CQT), Hummingbird Governance Token (HBOT), IAGON (IAG), Dai (DAI), GeroWallet (GERO), Card Starter (CARDS), Saddle DAO (SDL), and Charli3 (C3) tokens taken from the bridge.<\/p>\n<p>Exploiters removed tokens in an unusual fashion as each token was removed in nearly equivalent denominations. For example, transactions with exactly 202,440.725413 USDC were executed over 200 times.\u00a0<\/p>\n<p>Nomad is a token bridge that allows transfers of tokens between Avalanche (AVAX), ethereum (ETH), Evmos (EVMOS), Milkomeda C1, and Moonbeam (GLMR). <\/p>\n<p>Unlike other exploits that have become somewhat commonplace in 2022, this event so far has hundreds of addresses receiving tokens directly from the bridge.<\/p>\n<p>Meanwhile, the Moonbeam smart contract platform from the Polkadot network, whose native GLMR token was one targeted in the Nomad exploit, went into <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/MoonbeamNetwork\/status\/1554245102071123968\">maintenance<\/a> mode at 11:18pm UTC \u201cto investigate a security incident.\u201d As a result, Moonbeam\u2019s functionality such as regular user transactions and smart contract interactions will be disabled.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">1\/ Important Notice: The Moonbeam Network has gone into Maintenance Mode in order to investigate a security incident with a smart contract deployed on the network.<\/p>\n<p>\u2014 Moonbeam Network #HarvestMoonbeam (@MoonbeamNetwork) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/MoonbeamNetwork\/status\/1554245102071123968?ref_src=twsrc%5Etfw\">August 1, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The attack is untimely for the bridge which and its seed round investors from a fundraise in April. On July 29, the project revealed in a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/nomadxyz_\/status\/1552674247977287680\">tweet<\/a> that Coinbase Ventures, OpenSea, and five other major companies in the crypto industry participated in an April seed round fundraising which landed Nomad a $225 million valuation.<\/p>\n<p><template data-name=\"subscription_form\" data-type=\"defi_newsletter\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/nomad-token-bridge-drained-of-190m-in-funds-in-security-exploit\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Nomad token bridge drained of $190M in funds in security exploit &#8220; The Nomad token bridge appears to have experienced a security exploit that has allowed hackers to systematically drain the bridge\u2019s funds over a long series of transactions. Nearly the entire $190.7 million in crypto has been removed from the bridge, with only\u00a0$651.54&#8230;<\/p>\n","protected":false},"author":1,"featured_media":480217,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDgvZjg5MzEwZDMtYWM3MS00ZjY5LTk2ODctZWU1YmU5MTI4MjljLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74868,74892,70375,70944,72287],"class_list":["post-480216","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-defi","tag-tokens","tag-cybersecurity","tag-hackers","tag-security"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/480216","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=480216"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/480216\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/480217"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=480216"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=480216"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=480216"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}