218 total views
2022-08-03 07:34:48
Early this morning (August 2), the hottest news in the DeFi community was definitely the Nomad attack. Although many other bridges have also been visited by hackers, this time Nomad’s incident is “a little bit” different when it affects a few related names. Then let’s take a look at these names!
Case overview
As CHK reported this morning, Nomad was attacked because of a vulnerability in Root Message authentication. The details and developments of the incident are summarized in the article below!
> See more: The Nomad cross-chain bridge was hacked and “fouled”, with more than $176 million in damage
This is not the first time that the argument errors in the contract of cross-chain bridges have been exploited, but this incident has a great impact, making me think of the Poly Network incident more than a year ago.
Most of the effects of cross-chain attacks are isolated within the scope of the project. However, since many partners use Nomad assets (on different chains), it is inevitable that many names will be affected after this incident.
Update:
Peckshield also posted a list of wallets involved in the attack, including white hat hacker wallets who actively hacked to get money back to Nomad users.
#PeckShieldAlert PeckShield has detected ~41 addresses grabbed ~$152M (~80%) in the @nomadxyz_ bridge exploit, including ~7 MEV Bots (~$7.1M), @RariCapital Arbitrum exploiter (~$3.4M), and 6 White Hat (~$8.2M).
~10% of these addresses with ENS names getting $6.1M pic.twitter.com/UUjk7ZiiKE— PeckShieldAlert (@PeckShieldAlert) August 2, 2022
“There are about 41 addresses that have withdrawn 152 million USD (~80% of the loss in the Nomad case). This includes 7 MEV bots ($7.1 million), wallet that hacked Rari Capital (Arbitrum) (~$3.4 million) and 6 white hat hackers ($8.2 million). 10% of these addresses have ENS domains and withdraw $6.1 million.”
Moonbeam
Moonbeam’s Twitter homepage said that the attack on the Nomad bridge caused the amount of assets at the Ethereum bridge to be wiped out. The team also said that it is in the process of reviewing whether any vulnerabilities exist in the source code of Moonbeam.
1/ Earlier today, there was a security incident that interested the @nomadxyz_ bridges to Moonbeam. Nearly all the assets in Nomad’s Ethereum Mainnet smart contract have been drained. We have found no evidence that the recent security incident was related to the Moonbeam codebase.
— Moonbeam Network #HarvestMoonbeam (@MoonbeamNetwork) August 2, 2022
Also this morning, Moonbeam had to “suspend” the blockchain for 4 hours to conduct the “Maintenance” process. During this period, users cannot make money transfers or interact with smart contracts. However, at the time of writing, the maintenance process has been completed and the Moonbeam team said that no vulnerabilities related to the above attack have been discovered.
The Moonbeam Network Maintenance Mode has ended following an investigation that found no evidence that the recent security incident was related to the Moonbeam codebase. The chain has been restored to full functionality and is now operating as usual.
— Moonbeam Network #HarvestMoonbeam (@MoonbeamNetwork) August 2, 2022
Accordingly, Nomad is one of the main bridge platforms on Moonbeam’s ecosystem, and the theft of most of the security assets at the Ethereum bridgehead may affect the value of some assets at the bridgehead. Moonbeam.
Connext
Connext is a team that has a close relationship with Nomad. Many sources believe that Connext derives its liquidity from Nomad and may suffer great losses after this incident. However, Arjun (project representative) said that Connext only stores madUSDC assets (ie USDC certificates on the Nomad bridge).
We are aware of the exploit of the @nomadxyz_ contracts on Ethereum.
Users of Connext are not directly affected by this exploit.
However, madAssets held by users on Moonbeam, Milkomeda, and Evmos may now be unbacked by corresponding assets on Ethereum.
first/
— Connext | ✖chain composability (@ConnextNetwork) August 2, 2022
“We have been notified of an attack on the Ethereum contract. Connext users are not directly affected by this incident, but madAsset (certificates of assets) held by users on Moonbeam, Milkomeda, and Evmos may not be fully backed by assets on Ethereum. “
Connext also said that the team has contacted the partner bridges to suspend the rotation of madAsset assets to avoid losses.
Evmos
Evmos is the most rare case, when the price of EVMOS coin skyrocketed after the Nomad attack.
$EVMOS is pumping hard following the Nomad bridge exploit
Everybody tries to convert their Nomad $USDC big $EVMOS pic.twitter.com/8LZbgIqoIc
— Yield God (@YieldGod) August 1, 2022
The reason for this fluctuation is that madUSDC lost its price anchor at the Ethereum bridgehead, causing many people to seek to sell this asset to EVMOS to avoid loss of asset value. However, the lack of liquidity and a large number of users landed, causing the price of EVMOS to quickly build up a column.
However, this move quickly cooled down after that as users sought to move assets to other chains.
A couple hours ago, the Nomad ERC20 bridge contract was exploited. Most assets have been drained. We’re working closely with the Nomad team and will follow up as we get more info.
Rest assured, the Evmos chain is functioning properly. This is strictly a bridge exploit. (1/3)
— Evmos is Hiring ️ (@EvmosOrg) August 2, 2022
The Evmos team said that this vulnerability is not related to the network and the Evmos chain is still working normally.
Ending
So up to the time of writing, there have been no more names announced affected by Nomad. As I mentioned above, this case does not arise because of the nature of the “cross-chain” but it is a problem arising from the security error of the contract – which can happen with any array of DeFi products. .
However, again and again, the danger of these products is that once attacked, it can quickly spread to neighboring chains, as well as related products.
The latest updates on this incident will be quickly sent to readers by CHK!
Synthetic CHK
Maybe you are interested:
#names #spread #Nomad #attacked
