In recent weeks, attacks on cryptocurrency platforms have become increasingly common, and the Nomad Protocol is the most recent cryptocurrency platform to fall victim to an exploit.
On Monday, the on-chain platform for Coinbase was subjected to a hacking attempt, with reports indicating that the most recent attack resulted in the loss of close to $150 million.
Once it was established that the vulnerability was being exploited, the on-chain blockchain protocol notified its users about the incident. Users were also warned to be on the lookout for phony members of the Nomad team, as the company knows that this is a vulnerable time for them.
According to the network, fraudsters have been trying to trick unsuspecting victims into transferring their assets to a new location.
Until further notice, users are advised to disregard any communications they may receive from sources other than Nomad’s official website, as the company has not yet issued instructions on this matter. For the time being, we’ve had to halt all financial dealings while we finish up our investigation.
The coinbase Mechanics of the Exploitation
The attack happened after a suspicious transaction was observed, in which the exploiter removed 100 wrapped Bitcoin (WBTC) worth $2.3 million from the on-chain platform. This led to the discovery of the attack. There were other tokens taken from the bridge besides WBTC.
The following are some examples of alternative cryptocurrencies: Wrapped Ether (WITH), USD Coin (USDC), Dai (DAI), GeroWallet (GERO), Frax (FRAX), and many more.
On the other hand, it seems that this most recent vulnerability is not like any of the other attacks that have taken place so far in 2018. Hundreds of accounts have been compromised in the recent hacking incident.
For the first time ever in the cryptocurrency industry, the aforementioned accounts were credited with tokens directly from the Nomad bridge. In addition to this, the pattern that exploiters follow in order to move tokens is distinct from the patterns used in earlier instances of hacking.
The tokens of identical denominations and frequency were all removed from the bridge by the hacker. During the same time period, the attackers were responsible for more than 200 separate transactions.
Exploits on Bridges Being Committed at Increasing Rates
It has become increasingly common for hackers to launch attacks on blockchain bridges in recent years. Due to the fact that investors have already suffered losses totaling millions of dollars as a result of bridges’ exploits, there have been calls to refrain from performing cross-chain funds transfers on bridges.
Because of the multi-chain dimension, bridges are now more vulnerable to attacks than they were before, as they have become a primary target for exploiters.
In the same vein, Vitalik Buterin, one of Ethereum’s co-founders, has voiced his reservations about utilizing a bridge in order to transfer funds between different chains.
It’s important to remember that both trustless and trusted bridges can have their security compromised. It is possible, however, to lessen their vulnerability to hackers and their effect on blockchain initiatives by taking certain measures.
Since the Web3 ecosystem is a collaborative environment, there must be multifaceted coordination between various blockchain platforms. As a consequence of this, blockchain protocols are able to collaborate in order to create an environment that is safe for transactions and open to the development of payment solutions.
In addition, when DEXs and CEXs work together, it’s much simpler to trace any fraudulent inter-platform transactions processed by cybercriminals.
One of the most important avenues that platforms can investigate in order to lower the frequency and likelihood of exploits in the blockchain ecosystem is know-your-customer (KYC) verification.
Unfortunately, this problem is not going to be easy to solve, and it will require more extreme measures to be resolved. In the meantime, bridges will continue to be exploited.