Crypto service Nomad offers "bounty" after $200 million theft

Market fraud and skepticism fuel crash of cryptocurrency

CBS News See more videos

SHARE

SHARE

TWEET

SHARE

EMAIL

What to watch next

• 

  Democrats focus on bill to reduce deficit, fund health care and fight climate change

  
  CBS News
• 

  LIV golfers file antitrust lawsuit against PGA Tour

  
  CBS News
• 

  Scammers demand restaurants pay up or get slammed with one-star review

  
  CBS News
• 

  Error led Equifax to send wrong credit scores

  
  CBS News
• 

  State abortion laws in flux since Supreme Court overturned Roe v. Wade

  
  CBS News
• 

  China warns U.S. will "pay the price" if Pelosi visits Taiwan

  
  CBS News
• 

  Breaking down the U.S. economy's mixed signals

  
  CBS News
• 

  Fighting the lies about Sandy Hook

  
  CBS News
• 

  Stock market makes gains to close out the week after Fed interest rate hike

  
  CBS News
• 

  President Biden calls out U.S. oil companies as gas prices soar

  
  CBS News
• 

  Amid recession fears in bear market, experts say 401(k) investors should think long term

  
  CBS News
• 

  Hershey warns of Halloween candy shortage

  
  CBS News
• 

  Fires ravage drought-stricken West

  
  CBS News
• 

  Tips for asking for a pay raise

  
  CBS News
• 

  MoneyWatch: Housing market shows signs of cooling as home sales drop in June

  
  CBS News
• 

  Saudi crown prince denies ordering Jamal Khashoggi's murder

  
  CBS News

Click to expand

Replay Video

• Democrats focus on bill to reduce deficit, fund health care and fight climate change A vote on the Senate's Inflation Reduction Act could come as early as next week. While the last-minute bill covers a lot of ground, many of the Democrats' top priorities fell to the wayside during secret negotiations between Senators Chuck Schumer and Joe Manchin. CBS News political contributor and Democratic strategist Joel Payne joined Vladimir Duthiers and Christina Ruffini to discuss what's in, what's out and what's next for the legislation. CBS News
• LIV golfers file antitrust lawsuit against PGA Tour Phil Mickelson and 10 other players participating in the Saudi-backed LIV Golf tournament are suing the PGA Tour, claiming it broke antitrust laws by suspending them because of their participation in the LIV series. CBS News
• Scammers demand restaurants pay up or get slammed with one-star review Restaurant owners are falling victim to extortion schemes and are being demanded to pay up or face a slew of bad online reviews. Janet Shamlian has more. CBS News

UP NEXT

Cryptocurrency service Nomad is offering a "bounty" to anyone who returns funds stolen from the company in a nearly $200 million theft on Monday. 

Nomad said it will pay up to 10% of the digital funds taken by hackers and vowed not to pursue legal charges against parties that return at least 90% of the money. 

"The most important thing in crypto is community, and our No. 1 goal is restoring bridged user funds," Nomad CEO Pranay Mohan said in a statement. "To support that effort, we will treat any party who returns 90% or more of exploited funds as a white hats. We will not prosecute white hats."

The company released details on how to return the stolen cryptocurrency in a post on Medium. "Nomad is working closely with law enforcement and will advocate for no criminal charges when white hats return funds," Nomad said.

The attack on Nomad started Monday and lasted into Tuesday morning, with hackers siphoning off the digital funds in a matter of hours. The company said it has since recovered $20 million. 

Nomad operates a so-called blockchain bridge, which allows people to move tokens from one blockchain to another, solving the challenge of interoperability between different types of cryptocurrencies. But these technologically complex services have been prone to attacks, with hackers exploiting security vulnerabilities to steal more than $1 billion in assets so far in 2022, according to forensics firm Elliptic.

One security researcher on Twitter described the Nomad attack as "chaotic" and a "free-for-all," with people swarming to drain the accounts after realizing that a security flaw meant that if they could find a valid transaction request, they could replace the other person's address with their own and effectively redirect assets to their own accounts. 

Nomad blamed "impersonators posing as Nomad and providing fraudulent addresses to collect funds."

The theft follows the hack of blockchain bridge Harmony in June, which lost about $100 million in the attack. These bridges are seen as especially vulnerable to hacks partly because of their relative newness and inevitable bugs and are therefore frequently targeted by cybercriminals. Recent hacks include the $320 million wormhole hack in February and the more than $600 million Ronin Network hack in March.

Bridges are also susceptible to theft because they hold a lot of cryptocurrencies, making them targets for hackers, and due to their lack of decentralization and oversight, according to Elliptic. Some bridges don't require many signatures to approve a transaction, and some services have sacrificed security as they develop quickly, the group added.