Following the exploit, the bridge is left with only USD 651.54 remaining in the wallet, according to decentralized finance (DeFi) tracking platform DeFi Llama. However, some of the funds were withdrawn by ‘white hat friends’ who took the funds out with the intention of safeguarding them.
The first suspicious transaction, which may have been the genesis of the ongoing exploit, came at 9:32pm UTC when someone managed to remove 100 Wrapped Bitcoin (WBTC) worth about USD 2.3 million in tokens from the bridge.
The alarm bells were initially raised by the community, concerned over the potential exploit. The Nomad team confirmed at 11:35pm UTC that it was aware of the incident involving the token bridge, further investigating the event at that time. As the company observed, at least some of the people who took funds were acting benevolently to protect the crypto from getting into the wrong hands. The team added that it had retained the services of firms willing to help with blockchain intelligence and forensics.
The company notified law enforcement and is now working to address the situation and provide timely updates. Nomad’s goal is to identify the accounts involved and to trace and recover the funds. So far, at least one individual has come out and offered to act as a white hat hacker who intends to return the funds they took from the bridge.
The incident has seen WBTC, Wrapped Ether (WETH), USD Coin (USDC), Frax (FRAX), Covalent Query Token (CQT), Hummingbird Governance Token (HBOT), IAGON (IAG), Dai (DAI), GeroWallet (GERO), Card Starter (CARDS), Saddle DAO (SDL), and Charli3 (C3) tokens taken from the bridge. Exploiters removed tokens in an unusual fashion as each token was removed in nearly equivalent denominations. For example, transactions with exactly 202,440.725413 USDC were executed over 200 times.
Nomad is a token bridge that allows transfers of tokens between Avalanche (AVAX), ethereum (ETH), Evmos (EVMOS), Milkomeda C1, and Moonbeam (GLMR). Unlike other exploits that have become somewhat commonplace in 2022, this event so far has hundreds of addresses receiving tokens directly from the bridge.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now