Wednesday, October 4, 2023
LetsAskBinu.com
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things
No Result
View All Result
LetsAskBinu.com
No Result
View All Result
Home Cybersecurity

Hackers steal almost $200 million from crypto firm Nomad

Researcher by Researcher
August 4, 2022
in Cybersecurity
0
Hackers steal almost $200 million from crypto firm Nomad
189
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter


The theft of $190 million of cryptocurrencies owned by Nomad users highlights the challenges involved in securing digital assets.

Male hacker stealing crypto currency concept
image: Adobe Stock

U.S. crypto firm Nomad has been the victim of a digital theft that saw hackers make off with $190 million of cryptocurrencies owned by users of the service. On August 1, Nomad confirmed the theft in a tweet that said: “We are aware of the incident involving the Nomad token bridge. We are currently investigating and will provide updates when we have them.”

Must-read security coverage

Tapping into the current cryptocurrency craze, Nomad develops software that connects different blockchains such as Bitcoin and Ethereum. The goal is to help cryptocurrency investors securely swap their digital assets, or tokens, across the various blockchains without having to use a third party as a go-between. The token bridge referenced in Nomad’s tweet is a tool that helps users transfer their tokens across the disparate blockchains.

Token bridges: Blockchain security targets

Blockchain token bridges have been hit by several thefts in the past, with more than $1 billion stolen from such bridges so far in 2022, Reuters has reported, citing information from blockchain analytics firm Elliptic. In June, U.S. crypto firm Harmony revealed that hackers grabbed around $100 million worth of tokens from its Horizon bridge product. And in March, hackers stole around $615 million worth of cryptocurrency from Ronin Bridge, a tool used to transfer assets in the game Axie Infinity.

These thefts point to the vulnerabilities of blockchain token bridges and the difficulties in trying to secure cryptocurrency transactions.

“While we have had thousands of years to learn how to secure physical assets and money, the practices of securing digital currency, especially cryptocurrency, are still in their infancy,” said Erich Kron, security awareness advocate for security awareness training firm KnowBe4. “Unlike physical assets, attacks against digital goods and money can be done from anywhere in the world, and unlike when a person is arrested for attempting to steal physical goods, attempts to steal digital items are accepted as normal, and rarely is an arrest made.”

On August 2, Nomad posted a follow-up tweet with updates on the incident. The company said that it’s working with leading chain analysis and intelligence firms as well as law enforcement to trace and try to recover the stolen funds. It also said that it’s developing technical fixes and an action plan, presumably to try to prevent future such thefts.

SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)

What can victims expect?

For now, Nomad is relying on the good graces of white hat hackers to return some of the stolen currency. The company said that it’s working with custodian bank Anchorage Digital to accept and secure Ethereum and ERC-20 (Ethereum Request for Comments 20) at a specific digital wallet. The home page for Nomad’s website is even displaying a notice calling on “White Hat Hacker Friends” to return ETH or ERC-20 to the wallet address. Otherwise, recovering the stolen funds may be difficult.

“The non-reversible nature of cryptocurrency has made it a favorite for cybercriminals,” Kron said. “Unlike even many digital transactions between banks, which can be reversed, once a cryptocurrency transaction happens, it is permanent. Even more frustrating is the fact that we can see the accounts the currency resides in but can do very little about it unless that account is verified and connected directly to a person.”

How can crypto companies and investors better protect themselves from compromise?

“For individuals or organizations dealing in cryptocurrency, understanding the threats they face is vital,” Kron said. “Since social engineering attacks such as phishing, vishing and smishing are some of the top methods bad actors are using to attack the sector, those dealing with cryptocurrency, especially organizations, should ensure users are continually educated in how these attacks work, and tested often with simulated attacks.”





Source link

Related articles

Sentra Raises $30 Million for DSPM Technology

Northern Ireland’s Top Police Officer Apologizes for ‘Industrial Scale’ Data Breach

August 13, 2023
Minimizing Risk Through Proactive Apple Device Management: Addigy

Minimizing Risk Through Proactive Apple Device Management: Addigy

August 12, 2023
Tags: cryptoFirmHackersmillionNomadSteal
Share76Tweet47

Related Posts

Sentra Raises $30 Million for DSPM Technology

Northern Ireland’s Top Police Officer Apologizes for ‘Industrial Scale’ Data Breach

August 13, 2023
0

Northern Ireland’s top police officer apologized Thursday for what he described as an “industrial scale” data breach in which the...

Minimizing Risk Through Proactive Apple Device Management: Addigy

Minimizing Risk Through Proactive Apple Device Management: Addigy

August 12, 2023
0

Enterprise IT teams are struggling to cope with three major forces of change: the evolving regulatory environment, a globally dispersed...

Decipher Podcast: Katelyn Bowden and TC Johnson

Decipher Podcast: Katelyn Bowden and TC Johnson

August 12, 2023
0

Veilid main site: https://veilid.com/ Cult of the Dead Cow site: https://cultdeadcow.com/ Source link

In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack 

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities

August 12, 2023
0

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under...

Used Correctly, Generative AI is a Boon for Cybersecurity

Used Correctly, Generative AI is a Boon for Cybersecurity

August 12, 2023
0

Adobe stock, by Busra At the Black Hat kickoff keynote on Wednesday, Jeff Moss (AKA Dark Tangent), the founder of...

Load More
  • Trending
  • Comments
  • Latest
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 15/03

March 15, 2022
Supply chain efficiency starts with securing port operations

Supply chain efficiency starts with securing port operations

March 15, 2022
Microsoft to Block Macros by Default in Office Apps

Qakbot Email Thread Hijacking Attacks Drop Multiple Payloads

March 15, 2022
QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

March 15, 2022
Beware! Facebook accounts being hijacked via Messenger prize phishing chats

Beware! Facebook accounts being hijacked via Messenger prize phishing chats

0
Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

0
Remote work causing security issues for system and IT administrators

Remote work causing security issues for system and IT administrators

0
Elementor WordPress plugin has a gaping security hole – update now – Naked Security

Elementor WordPress plugin has a gaping security hole – update now – Naked Security

0
Browse Safer and Faster Around the World with JellyVPN for just $34.99

Browse Safer and Faster Around the World with JellyVPN for just $34.99

October 3, 2023
Hackers Steal User’s Database From European Institute

Hackers Steal User’s Database From European Institute

October 3, 2023
Hackers Bypass Cloudflare Firewall & DDoS using Cloudflare

Hackers Bypass Cloudflare Firewall & DDoS using Cloudflare

October 2, 2023
AWS Honeypot to Disrupt Threat Actors

AWS Honeypot to Disrupt Threat Actors

October 2, 2023

Recent Posts

Browse Safer and Faster Around the World with JellyVPN for just $34.99

Browse Safer and Faster Around the World with JellyVPN for just $34.99

October 3, 2023
Hackers Steal User’s Database From European Institute

Hackers Steal User’s Database From European Institute

October 3, 2023
Hackers Bypass Cloudflare Firewall & DDoS using Cloudflare

Hackers Bypass Cloudflare Firewall & DDoS using Cloudflare

October 2, 2023

Categories

  • Cyber Threats
  • Cybersecurity
  • Fintech
  • Hacking
  • Internet Of Things
  • LetsAskBinuBlogs
  • Malware
  • Networking
  • Protection

Tags

Access attack Attacks banking BiWeekly bug Cisco cloud code critical Cyber Cybersecurity Data Digital exploited financial Fintech Flaw flaws Google Group Hackers Krebs Latest launches malware Microsoft million Network News open patches platform Ransomware RoundUp security services Software Stories TFT Threat Top vulnerability warns Week

© 2022 Lets Ask Binu All Rights Reserved

No Result
View All Result
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things

© 2022 Lets Ask Binu All Rights Reserved