Crypto firm Nomad offers 10% bounty after $261.4 million hack

SINGAPORE (BLOOMBERG) – Cryptocurrency company Nomad is offering a bounty to recoup funds spirited away in a US$190 million (S$261.4 million) hack that again highlighted security vulnerabilities in the digital token sector.

Anyone returning at least 90 per cent of stolen tokens will be viewed as a so-called white hat hacker who seeks to spotlight vulnerabilities rather than make malicious gains, according to a statement from Nomad. The remaining 10 per cent would effectively become the reward.

“We will not prosecute white hats,” Mr Pranay Mohan, chief executive officer of Nomad, said in the statement. “But we will continue to work with our partners, intelligence firms and law enforcement to pursue all other malicious actors to the fullest extent under the law.”

Nomad is a bridge protocol, a tool for transferring tokens across blockchains to make different networks interoperable. Bridges have become one of the crypto sector’s weak points after numerous hacks; some US$2 billion worth of tokens have been swiped from them in 2022, consultancy Chainalysis estimated.

Nomad has recovered around US$20 million of the US$190 million so far, based on data from Etherscan, a platform for analysing the Ethereum blockchain, as well as the bridge provider’s estimates.

Nomad said it is working with crypto forensics specialist TRM Labs and law enforcement officials to identify the hackers. Nomad has also partnered with crypto platform Anchorage Digital to accept and safeguard retrievable funds.

The attack on Nomad emerged earlier this week. The crypto industry suffered another black eye soon after, when hackers targeted the Solana ecosystem on Wednesday (Aug 3), with thousands of wallets affected.