Founder of DeFi protocol Nexus Mutual gets hacked for $8M

Are we connected on Twitter or Instagram? Follow @JulioMedina

An unknown attacker stole $8 million from the personal wallet of Hugh Karp, the CEO of DeFi coverage platform Nexus Mutual.

According to a disclosure by Nexus Mutual, the funds were drained on Monday morning UTC by compromising Karp’s personal device. The hacker reportedly managed to install a compromised version of MetaMask that tricked Karp into signing a transaction that redirected all his NXM tokens to an attacker-controlled address.

The loot amounts to 370,000 NXM, worth $8.2 million as of press time. The hacker already began converting the tokens to Ether (ETH), with a total balance of 354 ETH worth more than $200,000.

According to Nexus Mutual, Karp was using a hardware wallet. However, the attacker circumvented the protection by replacing a legitimate transaction with his own. Some hardware wallets should provide protection against these types of attack by requiring a confirmation on the device itself, where the display should be protected against this form of tampering.

The attacker was a member of the mutual, having passed know-your-client verification 11 days ago. The attacker was not fully identified though, with investigations still pending. The attacker needed to be a verified member of the mutual in order to receive NXM tokens, though a Nexus Mutual community manager told Cointelegraph that they are “working on the assumption that [the hacker] could have committed identity fraud.”

The NXM token dropped 17% since the attack occurred, although the protocol itself was not affected. Nonetheless, the NXM stolen in the hack amounts to approximately 6% of all tokens in circulation, which could pose significant downward pressure on price.

Karp later complemented the attacker for performing a “very nice trick.” He offered a $300,000 bounty and dropping all charges in exchange for returning the tokens, arguing that the hacker would have trouble in converting the NXM into more liquid forms of money.

Picture of Julio Medina

Julio Medina

Just some guy on the interwebs. I'm interested in all facets of internet marketing and technology.

Anything you want to say? Leave your thoughts or comments below...

Get My Emails...

Keep In Touch