Nomad hack: Hackers return $9M after stealing over $190M

banner-image

The recent exploit on Nomad had shaken the entire cryptocurrency when attackers stole more than $190 million worth of funds, becoming “one of the most chaotic hacks that Web3 has ever seen.”

The smart contract’s vulnerability in the Nomad case allowed for the exploit to happen. Many users were tempted to discover a transaction that worked, replacing the target address with their own, and rebroadcasting it as a result, even if they lacked any technical skills. Basically, this means copying and pasting the actions taken by the original hacker. The attack was described as “the first decentralized robbery” by anonymous Terra researcher FatMan due to its settings.

PeckShield, the renowned blockchain security company, has discovered the return of $9 million in various crypto assets to the cross-chain bridge. According to the company’s research, the USDC stablecoin received the most funds refunded, followed by the USDT and other altcoins.

Some were helping Nomad by draining funds

According to reports, some people who profited from the project were trying to help Nomad by keeping the cryptocurrency out of the wrong hands. The company then advised ethical researchers and white hat hackers to return the tokens.

Nearly 3.78 million USDC, 2 million USDT, 15.8 million CQT (around $1.38 million), $1.28 million FRAX (roughly $1.2 million), 100 ETH (roughly $164k), and 200 WETH (roughly $328k) were recovered, according to PeckShield. However, more than half of the stolen money is still at three major addresses.

Notably, the team is presently working with law enforcement and a blockchain intelligence agency TRM Labs, to track the stolen money and locate the recipient wallets.

Just a few days before the security issue, Nomad disclosed raising $22.4 million in a seed round from prominent business investors like Coinbase Ventures, OpenSea, CryptoCom Capital, Polygon, Gnosis, and Polygon. 

The DeFi sector is facing serious questions from the community after a recent streak of hacks in the past year. While the former Blockcstream executive questioned the centralized nature of DeFi projects in April, as TheCoinRise reported, blockchain security company CertiK also believes that DeFi is not “decentralized” enough since attackers commonly use centralized weak spots to drain millions of hard-earned funds.

June 13, 2025

Crypto adoption is accelerating in new ways. Kaspa (KAS) is drawing..

June 13, 2025

Aleksei Andriunin, the founder and CEO of Gotbit, has been sentenced..

June 13, 2025

AAVE’s price movement is holding strong after the Umbrella upgrade, while..

features-presales-thunder

Floppypepe ($FPPE) is your ticket to the moon. Escape the ordinary and reach for lunar gains with this AI meme token. Secure your spot now before it's too late.

Join Now