Nexus Mutual CEO Hugh Karp was the victim of a hacker attack that resulted in the loss of 370,000 NXM tokens, or roughly $8 million. The amount stolen matters less here than how the theft was carried out.
The attacker was well prepared and executed his plan flawlessly, with a degree of creativity.
He managed to trick Karp: the hacker used a modified MetaMask browser extension to get his victim to approve the transfer of his own funds to the scammer’s wallet without realizing it. That is, the victim not only used fake software, but personally approved sending the cryptocurrency to the scammer.
This was achieved by disguising a fake version of the program as the real one.
News of the hack spread quickly on Twitter and was also confirmed by the official Nexus Mutual account. In short, the incident was a “targeted personal attack against Hugh.” Let’s take a look at the details of the hack.
How to lose money in the cryptocurrency niche
Hugh Karp himself was amazed at the hacker’s ingenuity, calling his actions “something of a completely different level,” according to Decrypt. He also noted that the attacker will clearly have problems selling such a large volume of tokens and converting the entire amount into regular currency. Karp even offered the hacker a reward of $300,000 for returning all the funds in full.
Most likely, the attacker will never agree to such conditions, especially now that he has more than $8 million in his pocket. However, in some cases hackers do return the money, so it’s too early to draw final conclusions.
At the time of this writing, there is no information yet on whether the hacker has returned the tokens to Karp’s wallet. However, the company’s offer is still valid. It is noteworthy that so far the price of the NXM token has not dropped sharply and is holding at about the same level as a few days ago. However, if the hacker begins to sell off the stolen tokens quickly, a fall cannot be avoided.
In essence, the hacker gained remote access to the platform manager’s computer and then changed how the popular MetaMask wallet extension operated, in effect making it an accomplice in his scheme. By tampering with the extension, the hacker was able to hide the sending of funds to his own addresses and pass the transfers off as something else. That is, Hugh Karp did not even suspect that he was sending cryptocurrency from the hardware wallet to the wrong place, and not in the amounts he had planned. That is why the victim called what was happening “a new level.”
The hack itself happened the day before and only affected Karp’s cryptocurrency address. The Nexus team clarified that “there is no risk to Nexus Mutual or its members.” In addition, some information about the hacker is already known. He “completed his identity verification process 11 days ago and then switched his platform membership to a new address on Friday December 3rd.”
The Nexus team knows the address where the stolen funds are stored, and some of them are already being withdrawn through the 1Inch exchange. At the time of this writing, the management of the trading platform has not yet commented publicly on blocking NXM deposits.
Not everyone agreed with Karp’s comments. As Anchorage co-founder Diogo Monica noted, “the attack is not a new level,” and “browsers are too dangerous to conduct cryptocurrency transactions.” According to the expert, in this case, hardware wallets without a screen will not save users from hacking.
The mention of the screen is very important. What is shown on the device’s own screen does not depend on what is happening on the computer. Accordingly, even if a hacker compromises MetaMask, a device such as a Ledger will show the real address to which funds are being sent when the transaction is signed. This is another reminder of the importance of verifying all data when sending funds.
We believe that the situation once again confirms that the cryptocurrency niche carries great risks. A user who attracts the attention of a talented hacker can easily lose their funds.
However, it is still possible to resist scammers. As we have already noted, it is better to choose hardware wallets with separate screens. In addition, check the address data several times before sending funds and, if possible, store coins at several addresses, so that you are less vulnerable to attacks and do not lose everything at once if one does succeed.
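
The address and amount check recommended above can also be done by decoding the payload that is about to be signed, independently of what the wallet interface displays. The following is an added example, not part of the original article: it assumes the transfer is a standard ERC-20 `transfer(address,uint256)` call on an 18-decimal token, the function names are hypothetical, and all addresses and amounts are constructed.

```python
# Added example: all addresses and amounts below are constructed, not incident data.
TRANSFER_SELECTOR = "a9059cbb"  # first 4 bytes of calldata for transfer(address,uint256)
HEX_DIGITS = set("0123456789abcdef")

def decode_transfer(calldata_hex):
    """Return (recipient, amount) encoded in ERC-20 transfer calldata."""
    data = calldata_hex.lower()
    if data.startswith("0x"):
        data = data[2:]
    # 4-byte selector + two 32-byte ABI words = 136 hex characters
    if len(data) != 136 or not set(data) <= HEX_DIGITS:
        raise ValueError("not well-formed transfer(address,uint256) calldata")
    if data[:8] != TRANSFER_SELECTOR:
        raise ValueError("selector is not transfer(address,uint256)")
    addr_word, amount_word = data[8:72], data[72:136]
    if addr_word[:24] != "0" * 24:
        raise ValueError("address word has non-zero padding")
    return "0x" + addr_word[24:], int(amount_word, 16)

def check_before_signing(calldata_hex, intended_to, intended_amount):
    """List every difference between the user's intent and the payload to be signed."""
    try:
        to, amount = decode_transfer(calldata_hex)
    except ValueError as exc:
        return ["cannot decode payload: %s" % exc]
    problems = []
    if to != intended_to.lower():
        problems.append("recipient is %s, intended %s" % (to, intended_to.lower()))
    if amount != intended_amount:
        problems.append("amount is %d, intended %d" % (amount, intended_amount))
    return problems

def encode_transfer(to, amount):
    """Build sample calldata (helper for the constructed inputs only)."""
    return "0x" + TRANSFER_SELECTOR + to[2:].lower().rjust(64, "0") + format(amount, "064x")

UNIT = 10 ** 18                      # assumed 18-decimal token
INTENDED_TO = "0x" + "11" * 20       # constructed: address the user means to pay
OTHER_ADDR = "0x" + "22" * 20        # constructed: address substituted in the payload
SHOWN = encode_transfer(INTENDED_TO, 10 * UNIT)       # what the wallet UI displays
TO_SIGN = encode_transfer(OTHER_ADDR, 5000 * UNIT)    # what is actually sent for signing

if __name__ == "__main__":
    print(check_before_signing(SHOWN, INTENDED_TO, 10 * UNIT))    # no mismatches
    for problem in check_before_signing(TO_SIGN, INTENDED_TO, 10 * UNIT):
        print("MISMATCH:", problem)
```

A payload that cannot be decoded as a plain transfer is reported as a problem rather than passed, since an unexpected call type is itself a reason not to sign.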