Hacking free-for-all relieves crypto bridge users of $200 million | Engadget

Cryptocurrency hacks are all too common, but they’ve rarely been quite so anarchic as the latest example. As The Verge notes, Nomad has confirmed that its cryptocurrency bridge (a service that lets you swap tokens between blockchains) was the victim of an August 1st “incident” where a slew of hackers stole nearly $200 million in funds. As Paradigm researcher Samczsun explained, the intruders took advantage of a misconfiguration that let any reasonably knowledgeable user authorize their own withdrawals. The result was a “chaotic” hack where people could swap their crypto address into a known-good transaction to steal digital money.

In an update, Nomad said it’s “working around the clock” to resolve the problem with help from law enforcement and blockchain intelligence firms. It hopes to both pinpoint involved accounts and recover funds. A16z’s security team suggested that well-intentioned white hat hackers would return crypto they took “preemptively,” but there’s no word on identifying thieves.

Bridges like these are major targets for hackers thanks to both their high asset volume and the potential for exploits in their sophisticated code. An attacker swiped roughly $625 million from the Ronin blockchain underpinning Axie Infinity in March, and an exploit in the Wormhole bridge led to a $325 million hack in February. While the Nomad breach isn’t quite as financially damaging, it illustrates just how vulnerable bridges can be.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.