Nomad Recovers Nearly $20M of Stolen $190M

Token bridge Nomad suffered a hack on Monday that resulted in a loss of $190 million in cryptocurrencies. So far, $19.4 million of those funds have been sent back to the protocol.

Nomad created a recovery wallet address in a plea to the “white hat hackers and ethical researcher friends who have been safeguarding ETH/ERC-20 tokens” to return the lost digital assets.

The wallet was set up in association with custodian bank Anchorage Digital. Nomad has since taken to Twitter to thank some of its contributors.

Loading Tweet..

Nomad’s hack resulted from an issue in the code itself, 1KX Research told Blockworks. Nomad developers had accidentally enabled a code setting which automatically verified any transaction script sent to the protocol, as long as they had a default “root” of “0x00.”

The result was a free-for-all involving onlookers rushing to submit illicit transactions, quickly draining the token bridge of all user funds kept inside its associated smart contract.

Nomad has acknowledged that some users wanted “more consistent communications” and apologized for not having “provided that up to this point.”

The firm announced via Twitter that hackers who return at least 90% of the total funds they hacked may be considered for a bounty of up to 10%. 

This incident is the third-biggest cryptocurrency hack this year after the Solana-to-Ethereum Wormhole bridge and the Axie Infinity Ronin bridge exploits, which lost $325 million and $625 million, respectively, valued at the time of the exploits.

---

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the On the Margin newsletter.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.