On August 1, a nomad token bridge suffered an exploit that allowed several people to drain the bridge of $190.7 million.
The first signs of trouble began at around 9: 23 pm UTC, after a hacker exploited the bridge to withdraw 100 WBTCs worth $2.3 million.
Several others copied the code of the first suspicious transaction and changed the address to participate in draining the funds.
The Nomad bridge allowed for a token transfer between ETH Avalanche AVAX Evmos EVMOS Moonbeam GLMR and Milkomeda C 1Blockchains.
Unlike other cripto-coin exploits where only a handful of addresses are directly linked to the hack, hundreds of addresses were responsible for draining the Nomad bridge of almost all the $190.7 million locked in it.
Some of the exploit transactions had the same value. There were more than 200 transactions of exactly 202,440. 725413 USDC.
WBTC, WETH, USDC, FRAX, CQT, HBOT, IAG, DAI, GERO, CARDS, SDL, and C 3 were stolen from the bridge.
According to Oxfoobar, the attack happened due to poor operational strategy causing bad Merkle root initialization, which resulted in every message being proven valid by default. The team at Nomad claimed to be investigating the events.
Moonbeam went into maintenance mode to investigate a security incident with a smart contract deployed on the network. Peckshield discovered 41 addresses that took roughly $152 million of stolen funds, which was 80% of the stolen funds.
One of the wallets was owned by the hacker who stole $80 million from the DeFi platform Rari Capital and Saddle Finance, according to the firm.
Whitehat hackers have saved some of the stolen funds.
While the whole thing seems like a free for all looting, the available information shows that some of those who took funds from the bridge were whitehat hackers who tried to prevent thieves from accessing the funds.
Some who drained the funds have confirmed they plan to return them.
One of them wrote :
Others have identified as whitehat hackers and asked the team to get in touch, including someone who was able to get $1 million.