Nomad Bridge Hack: Hackers Buy Cheap ETH Using Stolen Funds
- Hackers used the market crash to buy 16,892 ETH at a significant discount, leveraging stolen funds from the 2022 Nomad bridge hack.
- The hackers moved the stolen ETH to Tornado Cash, a cryptocurrency mixer, to obscure the origin and destination of the funds, complicating traceability.
- Additional stolen funds from other hacks, such as the Pancake Bunny hack, are also being moved amid market uncertainty, highlighting persistent vulnerabilities in the crypto space.
Hackers Exploit Market Crash to Buy Discounted Ethereum
In a bold move, cryptocurrency hackers have taken advantage of the recent market crash to purchase heavily discounted Ether (ETH) using stolen funds. On August 5, hackers linked to the 2022 Nomad bridge hack bought 16,892 ETH at a significant discount.
Lookonchain, a blockchain analytics firm took to x (formerly Twitter) to share the hacking news.
Source: X
This purchase occurred as ETH's value declined by over 20%, dropping from approximately $2,760 to $2,172 in less than 12 hours. At press time, ETH price was trading at $2,335.94, with $279,973,930,183 in market cap and $52,423,416,726 in 24-hour volume.
Nomad Bridge Exploit Whole Story
The Nomad bridge, a digital asset bridge enabling cross-chain transactions, was attacked in August 2022, resulting in nearly $200 million in stolen funds. The exploit was due to a vulnerability in the bridge's smart contract, which allowed unauthorized fund withdrawals.
Hackers bypassed the contract's checks and authentication, enabling them to access and withdraw the crypto. At the publishing time DAI token was trading at $0.9999, after a spike of 0.01% in a day, with $5,347,695,192 in market cap and $494,853,642 in 24-hour volume.
Recently, the Nomad bridge exploiter used 39.75 million DAI of stolen tokens to purchase 16,892 ETH.
Lookonchain reported that soon after the purchase, the hacker began moving the stolen funds to Tornado Cash, a cryptocurrency mixer. Tornado Cash is often used by hackers to obscure the origin and destination of funds, making on-chain traceability difficult.
Blockchain investigation firm PeckShield noted that the Nomad exploiter also sent 17.75 ETH to an intermediary Ethereum address and transferred approximately 2,400 ETH to Tornado Cash.
Ongoing Market Uncertainty and Additional Hacks
Amid the ongoing market uncertainty, stolen funds from other hacks are also on the move. The Pancake Bunny hack, which occurred three years ago, saw the hacker swapping stolen DAI tokens for ETH. However, blockchain investigator Officer CIA revealed that 3.6 million DAI was mistakenly sent to a DAI stablecoin address.
Pancake Bunny, an automated market maker on the BNB Smart Chain, had been exploited through a flash loan attack in 2021. On July 8, the Pancake Bunny hacker siphoned $2.9 million worth of ETH through Tornado Cash. Despite being sanctioned by the U.S., Tornado Cash remains widely used by bad actors to hide their crypto trails.
Conclusion
The recent activities of cryptocurrency hackers highlight the ongoing vulnerabilities within the digital asset space. By exploiting market crashes and leveraging stolen funds, these hackers continue to manipulate the system, using tools like Tornado Cash to obscure their tracks.
