San Francisco: Cryptocurrency service Nomad has suffered a “chaotic” attack, with hackers draining almost $200 million in digital funds from the company within a few hours.
In a tweet, Nomad said it is “working around the clock to address the situation and have notified law enforcement and retained leading firms for blockchain intelligence and forensics”.
According to CBSNews, the company added that its goal is to identify the accounts that siphoned cryptocurrencies from its service and recover the money.
Nomad operates a so-called blockchain bridge, which allows people to move tokens from one blockchain to another, solving the challenge of interoperability between different types of cryptocurrencies.
But these technologically complex services have been prone to attacks, with hackers exploiting security vulnerabilities to steal more than $1 billion in assets so far in 2022, according to forensics firm Elliptic.
One security researcher on Twitter described the Nomad attack as “chaotic” and a “free-for-all,” with people swarming to drain the accounts after realising that a security flaw meant that if they could find a valid transaction request, they could replace the other person’s address with their own and effectively redirect assets to their own accounts.
Nomad blamed “impersonators posing as Nomad and providing fraudulent addresses to collect funds.”
The theft follows the hack of blockchain bridge Harmony in June, which lost about $100 million in the attack. These bridges are seen as especially vulnerable to hacks partly because of their relative newness and inevitable bugs and are therefore frequently targeted by cybercriminals.
Recent hacks include the $320 million wormhole hack in February and the more than $600 million Ronin Network hack in March.
–IANS