In what started with an upgrade to Nomad’s code, the hack became a free-for-all where many users started to drain the network by replaying the original attackers’ transaction call data.
Unlike previous attacks, the Nomad hack became a free-for-all where multiple users started to drain the network by simply replaying the original attackers’ transaction call data.
Nomad is an expample of what is known as a “bridge,” a tool that allows users to exchange tokens and information between different crypto networks. They are used as an alternative to making transactions directly on a blockchain like Ethereum, which usually charges users very high processing fees when there’s lots of activity happening.
Instances of vulnerabilities and poor design have made bridges a prime target for hackers seeking to swindle investors out of millions. More than $1 billion in crypto assets has been stolen through bridge exploits so far in 2022, according to a report from crypto compliance firm Elliptic.