The Developers of the Nomad Cryptocurrency Bridge Ask the Hackers to Return the Money and… They Return

Last week, hackers stole almost $200,000,000 from the Nomad cryptocurrency bridge due to an error in a smart contract.

The Nomad bridge, which provides transfers between the Ethereum, Avalanche, Moonbeam, Evmos and Milkomeda blockchains, was the victim of an attack earlier this month. For the first time, the incident was mentioned in the official Nomad Twitter account on August 1, 2022, as a kind of “incident”, but already on August 2, the developers reported that they were “working around the clock to eliminate the situation” and notified law enforcement agencies about the incident.

Let me remind you that we also wrote that More than $600 million in cryptocurrency stolen from NFT game Axie Infinity, and also that Cryptocurrency Scammers Earn $ 7.7 Billion in 2021.

Now the developers are asking attackers to return at least 90% of the stolen, and then the hackers will be able to keep the remaining 10% as a kind of bug bounty reward and consider themselves white hats without fear of legal prosecution.

Let me remind you that the attack occurred due to an incorrect configuration of the main smart contract of the project, which was made during the next update. The bug allowed anyone with at least a basic understanding of the code to transfer out the cash. The specialists explained that it was only necessary to “find a transaction that worked, find / replace the address of another person with your own, and then relay it.”

In the end, the domino principle worked, when people saw that the funds were stolen using the above method, and substituted their own addresses to reproduce the attack. This led to what Twitter called “the first ever decentralized mass heist” in which approximately $200,000,000 in crypto was stolen.

Now the Nomad developers on Twitter offer hackers to return the stolen and attach the address of the Ethereum wallet to which they need to send funds after their message. At the same time, the company warned that “Nomad continues to work with the community, law enforcement agencies and blockchain analysts to ensure the return of all funds.”

Interestingly, although the company promises not to pursue such white hats and try to protect their interests, the developers note that they still cannot guarantee that law enforcement agencies or third parties will not be interested in them.