Nearly 90% of Nomad Bridge exploiters were “copycats” according to a report by Coinbase on the exploit that happened earlier this month.
The target token, token amount, and recipient addresses were changed, but they (the copycats) utilized the same code as the original hackers.
Nearly 90% of Nomad Bridge Exploiters Were “Copycats”
According to a recent study, nearly 90% of the addresses involved in the $186 million Nomad Bridge heist last week have been identified as “copycats,” who stole $88 million worth of tokens on August 1.
Peter Kacherginsky, Coinbase’s chief blockchain threat intelligence researcher, and Heidi Wilder, a senior associate of the special investigations team, confirmed what many had assumed during the bridge hack on August 1: that after the original hackers worked out how to take cash, hundreds of “copycats” joined the party. The revelation was made in a blog post published on August 10 by Coinbase.
Security researchers claim that the “copycat” technique was a version of the first vulnerability, which made use of a flaw in Nomad’s smart contract to let users withdraw money from the bridge that wasn’t actually theirs.
The copycats then produced the exact identical code, but they altered the recipient addresses, target token, and token quantity.
Despite the fact that the first two hackers were the most successful in terms of the overall amount of money they were able to steal after the technique was copied by others, there was a race to see who could take the most money.
According to Coinbase experts, the early hackers targeted the Bridge’s wrapped-Bitcoin (wBTC), followed by wrapped-ETH and USD Coin (USDC) (wETH).
White-hat actions
Unexpectedly, Nomad Bridge’s request for the return of stolen money resulted in a 17% return (as of August 9), with the majority of those tokens being in the form of USDC (30.2%), Tether (USDT) (15.5%), and wBTC (14.0%).
The fact that the bulk of the funds were returned in the form of USDC and USDT shows that the majority of the funds were from white-hat “copycats,” as the original hackers mostly exploited wBTC and wETH.
buy super kamagra generic buy super kamagra online no prescription
As of August 9, 49% of the stolen money had already been transferred from each recipient’s address to a different location.
According to Coinbase’s analysis, the first three recipient addresses were financed using Tornado Cash, an Ethereum-based system that permits anonymous transactions. The US Treasury banned all USDC and ETH addresses linked to the protocol on Monday.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post