Nomad offers 10% bounty of crypto $190 million hack

According to a Nomad crypto statement, anyone who returns at least 90% of stolen tokens would be considered a white-hat hacker who tries to expose weaknesses rather than making harmful profits. The remaining 10% would essentially become the incentive.

“We will not pursue white hats”, stated the firm's chief executive officer. He added that they will continue collaborating with their partners, intelligence agencies, and law enforcement to pursue all such bad actors to the greatest degree permitted by law.

What caused the nomad crypto hack

Nomad put up a recovery wallet address to persuade the "white hat hackers who have been keeping ETH/ERC-20 tokens to restore the stolen digital assets. The wallet came into existence following a collaboration with the custodian bank Anchorage Digital. Currently, $19.4 million (roughly 10%) of that crypto is back with the protocol. Nomad has already resorted to Twitter to express gratitude to some donors.

According to 1KX Research, the breach occurred due to a mistake in the code. Developers unintentionally activated a code setting that automatically validated any transaction script provided to the protocol as long as it contained a "root" of “0x00."

What is Nomad?

Nomad is a bridge protocol which allows tokens to be transferred across blockchains to make diverse networks compatible. Bridges have become one of the crypto sector's weak areas following multiple attacks, with an estimated $2 billion in tokens stolen from them in 2022, according to consultancy Chainanalysis.

Based on data from Etherscan, a tool used for analysing the Ethereum blockchain, and the bridge provider's calculations, Nomad has recovered around US$20 million of the US$190 million. Nomad says it worked with forensics specialist TRM Labs and law enforcement to identify hackers.

Shortly after, the attack on nomad crypto emerged earlier this week. The crypto industry suffered another blow when hackers targeted the Solana ecosystem on Wednesday, 3rd August 2022, which affected thousands of wallets.