Robert Steinadler, 4 months ago
A cross-chain bridge is a DeFi protocol that allows users to transfer assets from one blockchain to another. While this sounds very simple it is indeed a complex operation that not only requires running smart contracts on multiple ends but also enough liquidity on all involved chains to service users who are looking to bridge their assets. Yesterday an incident occurred that was sad, to say the least.
What is Nomad and how did the protocol get exploited for about $150 million?
Nomad is a protocol that allows bridging assets between Ethereum, Polkadot, Moonbeam, and a few other networks. So far it looks like the developers made a couple of upgrades to protocol and changed a line of code that opened the gates of hell.
An unknown hacker was able to exploit the dev team’s error and withdraw funds from the bridge. After the exploit, the line of code that was used by the hacker spread on several chat groups and channels. It didn’t require any knowledge, all malicious users had to do was to copy that line and replace the Ethereum address with their own, and execute the exploit via Etherscan.
In effect, the Nomad bridge got drained its funds within a very short amount of time. That was not only hurtful to the reputation of Nomad and their partners like Moonbeam, but also a devastating blow against the crypto community. This was not the doing of a single but rather the greed of many who chose to pick the wrong side.
But it seems that not all hope is lost. Judging from social media activity many people tried to help by snatching the funds with the sole purpose of taking them into custody for Nomad. It is yet unclear how much has been saved by those volunteers.
They are taking a high risk in doing so because there is no way to differentiate between exploiters with remorse and helping hands. In fact, depending on the jurisdiction a person lives this could still constitute some sort of crime. Nevertheless, these people are a beacon of hope and while some people believe that the opportunity was good to make free money nothing can be further from the truth.
Many who took part in this didn’t care about the trails that they were leaving. Ever interacted with an exchange using that Ethereum address? Guess what, a three-letter agency next to the place you live will catch up to you. Promise!
Crime and blockchain don’t go well with each other. Even people who are proficient in covering their trails and exploiting blockchain technology are getting caught. The blockchain never forgets and it’s public.
Nov 24, 2022
In 2014 Mt. Gox which was the biggest Bitcoin exchange world wide at that time went bankrupt. The aftermath was a disaster since the platform got hacked earlier and an amount of 744,408 BTC left a gigantic hole in the company’s balance sheet. Over 8 years later some of these stolen coins are all of a sudden on the move.
Oct 13, 2022
Statistically speaking, October is one of the best-performing months for Bitcoin. While the market is waiting for inflation data to be presented, the “Uptober” became the “Hacktober” this week. Two DeFi protocols got hacked this week and hackers damaged investors for millions of Dollars again. What happened during the recent events and what makes one case specifically obscure?
Oct 10, 2022
Celsius is putting up a show after filing for chapter 11 bankruptcy in June. The past 4 months have been quite a ride for Celsius customers. Documents show that former CEO Alex Mashinsky cashed out about $17 million together with other top executives. His wife took out another $2 million just before customer accounts were frozen. This sheds a bad light on Celsius management and many people are wondering if these actions were legal. Why are there documents available with customers’ legal names and their investments? And have you been doxed as well?
Oct 07, 2022
The Binance Smart Chain is the second most successful smart contract platform and has created a vibrant ecosystem of DeFi applications. Only Ethereum created a bigger universe of decentralized services and products. Yesterday, the BSC was suffering from an exploit of epic proportions and Binance called to the validators to undertake drastic measures. How was the Binance Smart Chain hacked and how was the situation resolved?