Again and again, hackers make headlines with spectacular raids on crypto companies. So far, only a few have been hit as hard as Nomad Bridge. Almost all of the company’s accounts were emptied in a very short time. Only a few hundred euros remained.

Suddenly everything happened very quickly. After crypto-financial services provider Nomad Bridge had slowly amassed an ever-expanding supply of various currencies over the past few months, the curve suddenly took a steep downward turn on Monday. Then the accounts were empty on Monday in no time. But the company seems to have at least a little bit of luck in misfortune.

How the looted account came about is still not fully understood. The only thing that is clear so far is that a security error on the part of the company allowed access to the accounts – and that was exploited. “The investigation is ongoing,” Nomad Bridge confirmed to sites such as “Bloomberg” in a statement. Leading analysis and data companies have been commissioned to get to the bottom of the attack. “Nomad’s goal is to identify the accounts involved and to track and repatriate the assets.”

Lots of open questions

It is noteworthy that this is not an attack by a single actor. At least 40 different accounts accessed the company’s wallets and transferred funds out of them in hundreds of operations. It is noticeable that the same amount was often “withdrawn”. Exactly 202,440.725413 units were debited from the USDC currency alone in over 200 transactions.

The fact that so many different attackers struck could prove to be a boon for the company in retrospect. At least some of the hackers are apparently so-called “white hats”. This is what hackers are called who do not pursue criminal goals, but want to point out security gaps with their attacks. A group of them appear to have participated in the looting of Nomad Bridge in order to save the money from other hackers.

At least that’s what the Twitter user “Notifiy_xyz” emphasizes, who claims to have done the same thing as part of a group. “I plan to transfer the assets back. Currently still waiting for official communication from the Nomad team,” he announced on Twitter. The crypto coins are said to be safe and not further transferred after the first transfer. It is still unclear how large the proportion of funds saved in this way is.

Not the first attack of this kind

Nomad Bridge is just one of several vendors that have been the target of such an attack in recent months. The so-called bridges have recently increasingly replaced the large crypto exchanges as the main target of hacker attacks. Bridges are service providers that enable the transfer of crypto assets from one blockchain to another. To do this, however, they must store the appropriate funds themselves. Because the software for changing the different blockchains is complex and therefore potentially more error-prone, they are extremely attractive for attacks. According to the analysis company Elliptic, a billion dollars have already been stolen from attacks on bridges this year alone.

Sources: Bloomberg, Twitter