Cardano users were indirectly affected by the phishing attack on the Nomad Bridge protocol.
One of the Bridges for the Cardano Ecosystem
On Monday, August 2nd, a cross-chain protocol, Nomad Bridge, fell prey to a phishing scam and lost nearly all of its $200 million in cryptocurrency.
Monday’s attack on Nomad indirectly affected Cardano users as the Nomad protocol was one of the multiple bridges deployed to Milkomeda C1, Milkomeda said.
Milkomeda C1 is a layer 2 protocol that allows Ethereum decentralized apps (dApps) to be deployed in the Cardano ecosystem.
"This does not affect the base Milkomeda protocol, but Nomad is one of multiple bridges deployed to Milkomeda so users of Nomad-based assets on Milkomeda & Cardano are affected," Milkomeda tweeted on its official Twitter account following the discovery of the exploit on Tuesday.
In March of this year, Milkomeda released a Cardano sidechain C1, Cardano sidechain, that allowed users to transfer assets between Cardano and Ethereum.
“We are aware of the Nomad exploit. Unfortunately, we can’t control what happens to other projects. This does not affect the base Milkomeda protocol, but Nomad is one of multiple bridges deployed to Milkomeda so users of Nomad-based assets on Milkomeda & Cardano are affected.”
— Milkomeda (there is no token) (@Milkomeda_com) August 2, 2022
An ordinary software upgrade on one of Nomad’s smart contracts led to the attack, which enabled users to forge transactions and drain the bridge, tweeted a researcher at crypto and web3 investment firm, Paradigm:
1/ Nomad just got drained for over $150M in one of the most chaotic hacks that Web3 has ever seen. How exactly did this happen, and what was the root cause? Allow me to take you behind the scenes pic.twitter.com/Y7Q3fZ7ezm
— samczsun (@samczsun) August 1, 2022
Early on Wednesday morning, Asia time, Nomad tweeted to its community that it is setting up a recovery address for white hats to transfer recovered funds, working with law enforcement to find and recover the stolen assets, and creating an action plan to fix the technical issue.
Update: We are working around the clock to address the situation and have notified law enforcement and retained leading firms for blockchain intelligence and forensics. Our goal is to identify the accounts involved and to trace and recover the funds.
— Nomad (⤭) (@nomadxyz_) August 2, 2022
Cardano community reacts
Cardano-focused Twitter account, ADA Whale, said many Cardano users are indirectly affected by the attack on Nomad.
This is not the first time ADA Whale has voiced concerns about having cross-chain bridges connected to Milkomeda.
Why You Should Care
Cardano reached a market cap of $77 billion in May 2021 and solidified its position as the biggest proof-of-stake cryptocurrency.
Read more about phishing attacks: