An unknown attacker stole $8 million from the personal wallet of Hugh Karp, the CEO of DeFi coverage platform Nexus Mutual.
According to a disclosure by Nexus Mutual, the funds were drained on Monday morning UTC through the compromise of Karp’s personal device. The hacker reportedly managed to install a compromised version of MetaMask that tricked Karp into signing a transaction that rerouted all of his NXM tokens to an attacker-controlled address.
The loot works out to 370,000 NXM, valued at $8.2 million as of press time. The hacker has already started to convert the tokens to Ether (ETH) and holds a total balance of 354 ETH, worth more than $200,000.
According to Nexus Mutual, Karp used a hardware wallet. However, the attacker bypassed the protection by replacing a legitimate transaction with his own. Some hardware wallets are supposed to protect against this type of attack by requiring confirmation on the device itself, whose screen is supposed to be protected from this form of manipulation.
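As an added illustration (not from Nexus Mutual's disclosure or the original report), the example below decodes the calldata of a signing request and compares it with what the user intended, which is the comparison a trusted on-device screen lets the signer make. It assumes the request is an ERC-20 style `transfer(address,uint256)` call; the helper names, all addresses and amounts, and the 18-decimal unit are constructed for the example.

```python
# Added example; all addresses and amounts below are constructed, not from the incident.
TRANSFER_SELECTOR = bytes.fromhex("a9059cbb")  # transfer(address,uint256)

def encode_transfer(recipient, amount):
    """Build ERC-20 transfer() calldata (used here to make sample input)."""
    addr = bytes.fromhex(recipient[2:])
    if len(addr) != 20:
        raise ValueError("address must be 20 bytes")
    return "0x" + (TRANSFER_SELECTOR + addr.rjust(32, b"\0")
                   + amount.to_bytes(32, "big")).hex()

def decode_transfer(calldata):
    """Return (recipient, amount); reject anything that is not a plain transfer()."""
    data = bytes.fromhex(calldata[2:] if calldata.startswith("0x") else calldata)
    if data[:4] != TRANSFER_SELECTOR:
        raise ValueError("selector is not transfer(address,uint256)")
    if len(data) != 68:
        raise ValueError("unexpected calldata length")
    if any(data[4:16]):
        raise ValueError("non-zero padding in address word")
    return "0x" + data[16:36].hex(), int.from_bytes(data[36:68], "big")

def diff_request(intended, presented):
    """List every difference between the intended and the presented request."""
    if presented["to"].lower() != intended["token"].lower():
        return ["call goes to a different contract: " + presented["to"]]
    try:
        recipient, amount = decode_transfer(presented["data"])
    except ValueError as exc:
        return ["calldata rejected: %s" % exc]
    problems = []
    if recipient != intended["recipient"].lower():
        problems.append("recipient changed to " + recipient)
    if amount != intended["amount"]:
        problems.append("amount changed to %d" % amount)
    return problems

TOKEN = "0x" + "11" * 20      # constructed token contract address
FRIEND = "0x" + "aa" * 20     # constructed intended recipient
OTHER = "0x" + "bb" * 20      # constructed substituted recipient
UNIT = 10 ** 18               # assumption: token uses 18 decimals

intended = {"token": TOKEN, "recipient": FRIEND, "amount": 1000 * UNIT}
honest = {"to": TOKEN, "data": encode_transfer(FRIEND, 1000 * UNIT)}
swapped = {"to": TOKEN, "data": encode_transfer(OTHER, 370000 * UNIT)}

if __name__ == "__main__":
    for request in (honest, swapped):
        print(diff_request(intended, request))
```

The comparison only helps when it runs somewhere the compromised host cannot alter, which is why the paragraph above places the confirmation on the device's own screen.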
The attacker was a member of the mutual and passed the know-your-client verification 11 days ago. However, the attacker had not been fully identified and the investigation was still ongoing. The attacker had to be a verified member of the mutual to receive NXM tokens, although a Nexus Mutual community manager told Cointelegraph that they “operate under the assumption that [the hacker] may have committed identity fraud.”
The NXM token has fallen 17% since the attack, although the protocol itself was not affected. Nonetheless, the NXM stolen during the hack amounts to about 6% of all tokens in circulation, which could put significant downward pressure on the price.
Karp later complimented the attacker on performing a “very nice trick”. He offered a bounty of $300,000 and dropped all fees in exchange for returning the tokens, arguing that the hacker would struggle to convert the NXM into more liquid forms of money.