Search module is not installed.

$190 million criptocurrency stolen from US-based Nomad

02.08.2022

A $190 million theft has hit the U.S.-based Nomad, according to a report by the researchers. The revelation came a week after Nomad raised $22 million from investors.

In a tweet, Nomad said it was aware of the incident and was currently investigating, without giving any further details or the value of the theft.

It is not known how the criptocurrency was orchestrated. PeckShield, the firm that makes up for $190 million worth of users, said cryptocurrencies were stolen, including ether and the stable coinUSDC. Other researchers put the figure at over $150 million.

In a follow-up tweet early this morning, Nomad said it was able to recover some of the funds without specifying the amount. The company said that we should let the company know what we should do to return them.

In a statement to CoinDesk, Nomad said it has notified law enforcement and is working with forensics firms to try to find the accounts involved and get back the funds.

Nomad is the fourth victim of criptocurrency theft. In August of last year, hackers stole $90 million worth of criptocurrency from the Japanese criptocurrency exchange Liquid. The startup said that some of its digital currency wallets have been compromised, and that hackers are transferring the assets to four different wallets.

We have more details about the attack. It was started with an upgrade to Nomad s code, according to security experts. A part of the code was marked as valid when users decided to initiate a transfer, which allowed thieves to withdraw more assets than were deposited into the platform. Once other attackers were getting used to what was going on, they deployed armies of bots to carry out copycat attacks, according to CNBC.

Security experts described the exploit as a free-for all, anyone with knowledge of the exploit and how it worked could seize the flaw and withdraw any amount of token from Nomad, kind of like a cash machine spewing out money at the tap of a button.

Victor Young, founder and chief architect of Analog, told CNBC: "With no prior programming experience, any user could simply copy the original attackers transaction call data and substitute their address with their own to exploit the protocol. Young added that the Nomad hack became a free-for-all where multiple users started to drain the network by simply replaying the original attackers' transaction call data. Sam Sun, a research partner at Paradigm, described the exploit as one of the most chaotic hacks that Web 3 has ever seen.