88% of Nomad Bridge addresses were copycat accounts

Almost 90% of addresses that were involved in the Nomad Bridge hack have been identified as “copycats” with a method used to exploit a loophole in the Nomad smart contracts.

The hackers took $88 million USD worth of cryptocurrency in just a few hours at the beginning of the month, according to a report released by Coinbase. The blog, written by Coinbase’s threat intelligence researcher Peter Kacherginsky and senior associate of the investigations team Heidi Wilder, notes that an attack like this one has an impact on the industry as a whole:

“While the Nomad bridge compromise does not directly affect Coinbase, we strongly believe that attacks on any crypto business are bad for the industry as a whole and hope the information in the blog will help strengthen and inform similar projects about threats and techniques used by malicious actors.”

According to Coinbase’s research, the method the hackers used was by using the same code and modifying the target token, amount and recipient address. From there, the hackers could send cryptocurrency to themselves.


Source: Coinbase



Coinbase researchers conducted an autopsy of the attack and noted that the first two hackers were targeting Wrapped Bitcoin (wBTC) first, then USDC and then Wrapped Ether (wETH). These three cryptocurrencies were most present in the Nomad Bridge, making it easier for the original hackers to steal these tokens in particular.

What is a Bitcoin bridge?

A bridge like the Nomad Bridge exists as a tool for investors and traders to send cryptocurrencies from one blockchain network and receive them on a different network. Because most networks are siloed and don’t interact with one another, it’s not possible to send cryptocurrencies directly from one blockchain to another. A blockchain bridge stands to let users do this, by means of wrapping tokens (such as “Wrapped Bitcoin”) and offering a platform for networks to engage with each other.

For example, if you want to use a bridge to send a Solana coin to an Ethereum wallet, the Ethereum wallet will receive a token that has been wrapped but the bridge – which is essentially a token converted to an ERC-20 token that is operable with Ethereum’s network.

While it might the be biggest attack on a DeFi bridge, Nomad Bridge is not the first to suffer an attack. Previous attacks on bridges include Wormhole, which happened a week after Qubit was attacked for $80 million.

Related Articles

CBDC adoption: Russia enters final phase to test digital ruble

Russia is in the final phase of testing a central bank digital currency (CBDC), which will be used for both national and international...

What exactly is DeFi? Decentralised finance explained

DeFi is a set of technologies that enables people to manage their funds on a peer-to-peer basis and it's changing the way money can be used.

Expansion: Coinbase will be launching in the Netherlands

As part of its global expansion, Coinbase has announced that it has been granted regulatory approval from the Netherlands' national bank.

Is Bitcoin better than retail estate as an investment?

According to MicroStrategy CEO Michael Saylor, Bitcoin presents a much better long-term asset than property.

See All