Hackers Return $9M of the $190 Million Stolen From the Nomad Bridge
- Reportedly, Nomad Bridge is cooperating with law enforcement agents and data analytics firms regarding the matter.
Within 24 hours of exploiting the Nomad bridge for $190.38 million, hackers have returned $9 million of the stolen amount. The amount returned was confirmed by blockchain security firm, Peckshield. Thus, indicating that the hackers still have over 95 percent of the cross-chain bridge’s funds.
Before the hackers returned the funds, Nomad bridge issued a plea to the hackers via Twitter. In the tweet, Nomad referred to the hackers as white hat and ethical researcher friends. Then, it dropped its wallet address for the hackers to return the stolen funds. As contained in the tweet, all funds returned by the hackers will be safeguarded by anchorage digital.
Anchorage digital is a nationally regulated custodian firm. However, Nomad revealed that it is working with the relevant authorities and blockchain security experts to track the stolen funds. It added that it would take the necessary action in the next few days. According to sources close to the matter, the $9 million returned by the hackers were majorly stablecoins ($2 million USDT and $3.78 million USDC).
Nomad Bridge Joins Other Networks in Similar Situation
The Nomad bridge attack brings the amount stolen from bridge exploits this year to over $1 billion. In March, hackers stole a whopping $625 million from the ronin bridge, while they also stole $100 million from the horizon bridge two months ago. A blockchain analytics firm, Elliptic report has linked nearly all of these bridge attacks to North Korea-sponsored hackers.
North Korea has been sponsoring hackers to steal cryptos to fund its nuclear weapons program. The nation has also been using the funds to evade economic sanctions. The Elliptic report further said, “cyber hackers have always been attracted to bridges because of their huge liquidity.”
In less than 24 hours of the hack on Nomad bridge, another hack targeting the Solana ecosystem took place. Users report the draining of their funds from Phantom, Trust Wallet, and Slope wallets. OtterSec (a blockchain auditing firm) reports that the attack is still ongoing, but more than 8,000 wallets have been exploited already.
The source of the attack, which started on Tuesday evening, isn’t known. However, mobile wallet users have been the most affected by this attack. Early reports suggest that the attacker found the means to initiate and approve transactions without the holders’ consent. Hence, experts suggest that the attack is likely a supply-chain attack involving a third-party service compromise.
The attack revives the security doubts surrounding hot wallets. Hot wallets are connected to the internet daily to make crypto transactions instant and seamless. Many crypto wallet experts have suggested using cold wallets instead of hot wallets for security reasons.
A phantom representative said the team had already commenced an investigation into the matter. Solana users continue to flood Twitter with notifications of the sudden loss of funds from their accounts. It is unclear at this point where the crypto market will maintain its resilience following the Solana attack as it did after the Nomad bridge attack.