Update: Nomad team reached out to Cointelegraph to clear the air surrounding the June audit report and claimed that the vulnerability highlighted by Quantstamp was different from what caused the $190M exploit. The firm also assured that they are actively working to return the funds to users.
The Nomad token bridge hack on Aug. 2 was the fourth largest crypto hack in history, seeing nearly $200 million worth of crypto assets drained from the platform. However, more than the hack, the methodology behind it garnered widespread attention.
The exploit took place due to a smart contract vulnerability that saw hundreds of users other than the hacker getting involved and taking away as much as they could by simply copy-pasting the transaction data used by the initial hacker and changing the wallet address to theirs. The event was later deemed as a decentralized robbery by many due to the involvement of normal community members.
Later, the Nomad team revealed to Cointelegraph that some of the people who took funds were acting benevolently to protect the crypto from getting into the wrong hands.
In the aftermath of the hack, the crypto analysis group BestBrokers found that the first exploit took place on Aug. 1, which drained 400 Bitcoin (BTC) in four different transactions. The hackers later diverted all 22,880 Ether (ETH), then moved on to the over $107 million worth of stablecoins and finally started diverting the altcoins supported by the project.
The incident has seen WBTC, Wrapped Ether (WETH), USD Coin (USDC), Frax (FRAX), Covalent Query Token (CQT), Hummingbird Governance Token (HBOT), IAGON (IAG), Dai (DAI), GeroWallet (GERO), Card Starter (CARDS), Saddle DAO (SDL) and Charli3 (C3) tokens taken from the bridge.
Related: Ongoing Solana-based wallet hack seeing millions drained
Some altcoins that were stolen from the platform suffered as much as a 94% decline. Data collected by the analysis firm showed that the following altcoins suffered the biggest collapse after the hack:
The report also claimed that exploited smart contract vulnerability was highlighted in a security audit report done by Quantstamp in the first week of June.
Nomad has partnered with Anchorage Digital, a nationally regulated custodian bank, to accept and safeguard retrievable funds. In an exclusive statement to Cointelegraph, the firm said:
"Nomad asks that any white hat hacker or ethical security researcher currently holding ETH or ERC-20 tokens from the token bridge attack please return them by sending them to the following Anchorage wallet address: 0x94A84433101A10aEda762968f6995c574D1bF154"
Nomad is actively working with TRM Labs, a leading chain analysis/intelligence firm and law enforcement to trace stolen funds, identify recipient wallets, and coordinate the return of funds.
As per the latest update, the Nomad team has recovered nearly $16.6 million of the lost funds out of which whitehat hackers have returned $11.2 million.