Nomad Offers 10 Percent Bonus for $190 Million Crypto Hack

Nomad Offers 10 Percent Bonus for $190 Million Crypto Hack


Crypto startup Nomad is offering 10 percent rewards for redeeming up to $190 million in digital currency that was seized in a massive hack attack this week.

Nomad announced in a tweet on Twitter MailWhich included the address to its crypto wallet, and said that anyone who returns at least 90 percent of their stake in stolen funds will be considered a “white hat” — hackers working with companies to investigate their networks, and in some cases taking payments in exchange for identifying security flaws. She promised not to take legal action against these people, but also reiterated her determination to somehow recover the stolen money.

“Nomad continues to work with community firms, law enforcement and blockchain analysis to ensure that all funds are returned,” the company wrote.

Pair of hacks shake up an already strained crypto industry

The theft occurred when a vulnerability in the Nomad code allowed hackers to steal nearly $190 million in tokens. More than $20 million has been recovered as of Friday morning, according to blockchain analytics platform Etherscan.

Nomad acts as a blockchain bridge, allowing Users transfer assets from one blockchain to another – such as from Bitcoin to Ethereum. But this also makes them vulnerable to what security experts call “both sides,” vulnerabilities in either blockchain.

Blockchain analytics firm Elliptic Connect said the Nomad hack was the seventh major crypto bridge incident of 2022, and the eighth largest crypto theft ever. Another crypto bridge, known as Ronin, suffered a $625 million theft earlier this year. In this case, hackers infiltrated the underlying blockchain powering the popular video game Axie Infinity, hacking around 174,000 Ethereum.

Robinhood Cuts 23 percent of Its Workforce Amid Crypto Crash

“Bridges have always been known to be attractive to hackers,” Elliptic Connect wrote in an unsigned blog. “They usually have a lot of liquidity, as users wanting to transfer funds via blockchain usually lock their assets into their contracts. They also operate on a relatively less secure blockchain.”

The nomad attack was known as “free for all” because the original hacker code allowed anyone to copy it, opening the door for anyone to join the battle and withdraw money. Elliptic Connect said it has identified more than 40 “exploiters,” including one hacker who raised just under $42 million by automating the money withdrawal process.

By actively pushing hackers, Nomad uses a strategy that tech companies have long relied on to evaluate and improve their networks.

Microsoft, for example, declares “Let the search begin!” On its bug bounty page, which offers up to $60,000 for vulnerability reports on the company’s Azure cloud platform, or $20,000 for vulnerability reports on Xbox Live. Comparative reviews for Hyper-V, a virtual token program, can reach $250,000. In 2016, the Department of Defense launched its own bug bounty program called “Pentagon Hack.”

Senate proposal would give CFTC responsibility for monitoring Bitcoin and Ethereum

Nor is Nomad the first crypto company to deal directly with hackers.

Last August, a crypto platform called Poly Network was the target of a massive attack in which someone stole more than $600 million in tokens, according to CNBC. The thief exploited a loophole in the company’s network code that allows users to transfer funds to their own accounts.

But in an unusual twist, the hacker then opened a dialogue with Polynetwork employees and eventually returned the money, CNBC reported. According to press reports, the company issued a statement calling the hacker “Mr. A. White Hat,” offering a $500,000 reward and an invitation to become the platform’s “lead security advisor.”

Cryptocurrencies in general suffered sharp drops in value throughout 2022 as Bitcoin, Ethereum and other digital currencies were sold off along with the broader stock market. As of Friday morning, the price of bitcoin is around $23,000, up about 14 percent in the past month. That compares to more than $66,000 in November 2021.

Leave a Comment

Your email address will not be published.