Crypto bridge Nomad has managed to recover more than $22.4 million of the total $190 million worth of Ethereum and Ethereum-based tokens stolen earlier this week.
Nomad Recovers $22M of $190M Exploit
According to data from Etherscan, $22.4 million, or 11.7% of the $190 million hack, has been returned to Nomad as a result of the team’s reward offer.
The amount recovered is now greater than twice the $9 million that ethical hackers returned to Nomad on Wednesday. More funds were recovered after Nomad offered a 10% bounty on Thursday.
On August 1, more than 300 addresses took $190 million from Nomad’s cross-chain bridge, a tool that allows users to transfer ERC-20 tokens between Ethereum, Moonbeam, Evmos, and Avalanche.
The bridge had a critical vulnerability that was made public, allowing funds to be drained. Nomad developers introduced the vulnerability during a smart-contract update.
10% Bounty Offer for White Hats
On Thursday, the Nomad team announced that the 10% bounty would be paid to anyone who returned the stolen tokens to a specific return address.
Pranay Mohan, co-founder and CEO of Nomad, commented in an official statement:
“The most important thing in crypto is community, and our number one goal is restoring bridged user funds.”
In the same vein, Nomad will deem any hacker who returns at least 90% of the total stolen funds to be a white hat hacker. White hat hackers are also known as “ethical hackers” at times. Despite the fact that these hackers typically apply the same methods as black hat hackers, they usually have approval from the site owner, making their hack legal. White hats are frequently used to improve platform security.
Mohan added that Nomad “will continue to work with our partners, intelligence firms, and law enforcement to pursue all other malicious actors to the fullest extent permitted by law.”
Nomad stated that it is working with law enforcement to investigate the incident. It has also collaborated with TRM Labs, an on-chain analytics firm, to track the flow of funds across addresses involved in the exploit.
Cybercriminals Target Crypto Bridges
In recent months, bridge attacks have become more prevalent as crypto users have shown a greater desire to swap assets between blockchains.
Despite the fact that cross-chain bridges have made it possible for new blockchains to proliferate, the consequences of bridge failures can be potentially devastating for smaller chains that depend on them for a significant portion of their total liquidity.
Evmos, one of the more recent blockchains serviced by Nomad, tweeted that it would “brainstorm community solutions” in response to the Nomad attack, as it “significantly affects initial Evmos [total value locked].”
In April’s Ronin bridge attack, the largest decentralized finance (DeFi) attack in history, over $600 million worth of crypto was drained from the bridge that supports the blockchain-based game Axie Infinity.
A few months earlier, more than $300 million was siphoned off the Wormhole bridge, taking a toll on the Solana blockchain community and the broader decentralized finance ecosystem.
Earlier this year, Vitalik raised security concerns regarding cross-chain bridges. Even though he considers multi-chain solutions to be the future of blockchain technology, he believes that holding native blockchain assets on the native blockchain is safer than holding them on a non-native blockchain.