88% of Nomad Bridge addresses were copycat accounts

Almost 90% of addresses that were involved in the Nomad Bridge hack have been identified as “copycats” with a method used to exploit a loophole in the Nomad smart contracts.

The hackers took $88 million USD worth of cryptocurrency in just a few hours at the beginning of the month, according to a report released by Coinbase. The blog, written by Coinbase’s threat intelligence researcher Peter Kacherginsky and senior associate of the investigations team Heidi Wilder, notes that an attack like this one has an impact on the industry as a whole:

“While the Nomad bridge compromise does not directly affect Coinbase, we strongly believe that attacks on any crypto business are bad for the industry as a whole and hope the information in the blog will help strengthen and inform similar projects about threats and techniques used by malicious actors.”

According to Coinbase’s research, the method the hackers used was by using the same code and modifying the target token, amount and recipient address. From there, the hackers could send cryptocurrency to themselves.


Source: Coinbase



Coinbase researchers conducted an autopsy of the attack and noted that the first two hackers were targeting Wrapped Bitcoin (wBTC) first, then USDC and then Wrapped Ether (wETH). These three cryptocurrencies were most present in the Nomad Bridge, making it easier for the original hackers to steal these tokens in particular.

What is a Bitcoin bridge?

A bridge like the Nomad Bridge exists as a tool for investors and traders to send cryptocurrencies from one blockchain network and receive them on a different network. Because most networks are siloed and don’t interact with one another, it’s not possible to send cryptocurrencies directly from one blockchain to another. A blockchain bridge stands to let users do this, by means of wrapping tokens (such as “Wrapped Bitcoin”) and offering a platform for networks to engage with each other.

For example, if you want to use a bridge to send a Solana coin to an Ethereum wallet, the Ethereum wallet will receive a token that has been wrapped but the bridge – which is essentially a token converted to an ERC-20 token that is operable with Ethereum’s network.

While it might the be biggest attack on a DeFi bridge, Nomad Bridge is not the first to suffer an attack. Previous attacks on bridges include Wormhole, which happened a week after Qubit was attacked for $80 million.

Related Articles

Binance and CZ fight back with a motion of dismissal

Following the lawsuits against Binance from the SEC, the exchange and its CEO have filed a motion of dismissal.

Mt Gox delays payments even further

Mt Gox has delayed the deadline to reimburse investors yet again, marking another year in a decade long delay.

USDC stablecoin launched on Polkadot Asset Hub

Circle has announced that USD Coin will be launched on the blockchain, extending USDCs presence in the ecosystem.

US authorities to halt Central Bank Digital Currency

Lawmakers in the United States have made moves to impede the development and launch of a central bank digital currency (CBDC) in the...

See All