After losing over $200 million due to a disastrous security flaw, cryptocurrency business Nomad announced it is paying hackers a bounty of up to 10% to recover customer assets.
Nomad pleaded with the burglars to give back any money taken from their cryptocurrency wallets. The business claimed late Thursday that it had already recovered more than $20 million of the total.
According to Nomad, the reward is for individuals who come forward right away and those who have already returned the money, according to Nomad.
Nomad stated that it would not file a lawsuit against any hackers who restore 90% of the stolen assets since it will regard these people as “white hat” hackers. The “ethical hackers” of the cybersecurity field are comparable to white hats. They work along with businesses to inform them of problems with their software.
The incident follows the theft of tokens valued at almost $190 million due to a flaw in Nomad’s code. Users could enter any amount into the system and then withdraw the money, even if there weren’t enough assets on deposit.
Users did not require programming knowledge to exploit the flaw due to its nature. Once others realised what was happening, they jumped in and launched the same assault.
To track down the stolen money and find the attackers responsible for the hack, Nomad said it collaborates with law enforcement and blockchain analysis company TRM Labs. Additionally, it is working with regulated U.S. bank Anchorage Digital, which specialises in storing cryptocurrencies and keeping any recovered money.
The Weakest Link
A “bridge” connecting various blockchain networks is what Nomad is, or a cryptocurrency. Users can quickly transfer tokens using bridges from the Ethereum blockchain to the Solana blockchain.
The bridge creates an equivalent amount in “wrapped” form on the other end once consumers deposit some tokens. Users can trade wrapped tokens on exchanges other than the one they were built on, representing a claim on the original.
Bridges are a known target for hackers due to the massive volume of assets trapped inside of them and faults that make them susceptible to attacks.
“Those bridges are currently accumulating a lot of money,” Adrian Hetman, tech lead at the cryptocurrency security company Immunefi, said.
Hackers are more likely to locate a weakness and steal money when there is a lot of money in a specific location.
Elliptic, a company that analyses blockchains, ranks the Nomad attack as the eighth-largest cryptocurrency hack. Elliptic reported that more than 40 hackers were engaged, one of whom made little under $42 million.
As a result of the vulnerability, Chainalysis, a crypto security company, estimates that over $2 billion has been stolen through cross-chain bridges so far this year. One network connected to the contentious cryptocurrency game Axie Infinity, Ronin, was the target of the most potent attack, a $615 million cyberattack out of 13 different attacks.
In a separate incident, approximately $5.2 million in digital currency was taken from almost 8,000 wallets linked to the Solana blockchain on Tuesday.