Home Health Over a billion dollars stolen in 2022 by platforms that manage cryptocurrency transfers

Over a billion dollars stolen in 2022 by platforms that manage cryptocurrency transfers

by admin
Over a billion dollars stolen in 2022 by platforms that manage cryptocurrency transfers

Last week yet another cryptocurrency theft made headlines, this time the Nomad bridge platform from which nearly $ 200 million worth of cryptocurrencies was stolen.
Before asking ourselves how frequent these events are and how it is possible to put these attacks to good use, let’s clarify some concepts, such as that of cryptocurrency bridge.
A bridge is a connection that allows the transfer of arbitrary tokens and / or data between different blockchains, regardless of whether they use different protocols and governance models.
Since the beginning of the year, five attacks on bridge platforms have caused the loss of a whopping 1,317,000,000 dollars.

According to experts from blockchain security firm CertiK, the main causes behind these incidents are the flaws in the protocols used by the platforms and the lack of experience to defend these systems from attacks.
The founder of the Nomad platform himself, James Prestwich, argues that there is a lack of experience in creating security models for cross-chain applications. The attack on the Nomad platform ranks third in terms of losses, behind the attacks on Ronin Bridge ($ 624 million) and Wormhole Bridge ($ 326 million).

To transfer funds from one blockchain to another; instead it is necessary to use cross-chain bridge, i.e. an investor deposits their tokens on one chain and receives a debit token on the other chain. Once an individual burns their debt token on one chain, the deposit is released on the other chain.
The simplified process described above requires the involvement of multiple entities such as the custodian, the debt issuer and an oracle making these infrastructures complex and full of potential points of attack.
To understand how these attacks take place, let’s try to analyze what happened in the case of the Nomad Bridge in which a bug in the initialization process was exploited. Due to the vulnerability, the attackers were able to bypass the message verification process and took away all tokens used to validate transfers between different blockchains. In practice, an attacker, thanks to the bug, was able to deposit 1 ETH on one blockchain and receive 100 ETH on another. By repeating the procedure, it is possible to empty the platform of the entire amount of cryptocurrencies managed.

The process is not unlike in other attacks, implementation errors in bridge platforms allow an attacker to announce a willingness to transfer a certain amount of cryptocurrencies from one blockchain to another; however, precisely because of the flaws, the attackers are able to transfer any amount even though they do not have the real sums on their wallets, effectively emptying the vulnerable platforms.

The attacks suffered by the Nomad platform, as well as those against other bridges demonstrate the importance of developing robust cross-chain protocols, without which the number of multimillion-dollar robberies is bound to increase.
It is very likely that in the coming months new flaws will be discovered in the interchange platforms between blockchains and that these will be exploited in attacks that will cause significant damage to the victims. It is therefore necessary to work in two main directions; develop protocols with a security-by-design approach and conduct continuous assessments of existing platforms in order to promptly identify gaps that can be exploited by attackers and resolve them quickly.

See also  The choice of Facebook and Instagram: "Allowed posts wishing Putin death"

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy