Nomad Lost Nearly $190m TVL in "Decentralized Robbery"

blockchain.news:

Cross-chain token bridge Nomad was breached on Monday, which resulted in a loss of cryptocurrency worth almost $200 million.

In a statement published on Twitter, the trading platform confirmed the hacking incident:

“We are aware of the incident involving the Nomad token bridge. We are currently investigating and will provide updates when we have them.”

The protocol also warned that “impersonators posing as Nomad and providing fraudulent addresses to collect funds,” adding, «We aren’t yet providing instructions to return bridge funds. Disregard comms from all channels other than Nomad’s official channel.”

As a sort of cross-chain bridge, the protocol allows users to swap various tokens, such as Ethereum (ETH), Avalanche (AVAX), Evmos (EVMOS), Milkomeda C1, and Moonbeam (GLMR).

Citing the data from DeFi Llama, a Defi tracking data platform, the total value locked (TVL) of Nomad reached up to $190 million before the exploit, according to the online media outlet Cryptonews. The platform showed the TVL of Nomad remains less than $11,000 at the time of writing.

TVL is the amount of user funds deposited in a decentralized finance (DeFi) protocol.

Another cybersecurity platform BlockSec estimates the total loss in this incident is estimated around $150 million worth of Tether (USDT). The monitoring platform suggested that some loopholes might exist in Nomad's verification procedure among functions: „Since an uninitialized storage slot is always considered as zero, the attacker can actually pass any message that has never shown before to bypass the verification procedure.”

Anonymous Terra researcher FatMan described the incident as “the first decentralized robbery,» adding that «all one had to do was copy the first hacker's