Crypto Exploit Let Criminals Steal $190 Million by Copy-Pasting a Script

To service this demand, several companies, including Nomad, have created “cross-chain” bridges.

Nomad had over $190 million in people’s funds in its smart contract before the exploit.

At the time of writing, only $9,000 remains locked in the smart contract.

In true crypto fashion - the first decentralized robbery.https://t.co/jWV9AamBer

Nomad bridge getting actively hacked.

WETH and WBTC being taken out in million-dollar increments.

The gist is that the smart contract broke.

Certain transactions that shouldn’t be approved could be pushed through and replicated.

Others took out funds in ether and the USDC stablecoin, among other tokens.

“You didn’t need to know about Solidity or Merkle Trees or anything like that.

“Easy as CTRL-C, CTRL-V,“tweeted another blockchain sleuth.

Since most people were copy-and-pasting information, funds were funneled out in identical chunks.

There werehundreds of transactions that saw people withdraw $202,440in the USDC stablecoin at a time, for instance.

Many sent the funds back.

“We are currently investigating and will provide updates when we have them.”

Nomad didn’t immediately respond to a request for further comment.