An unknown intruder stole $8 million from the personal hardware wallet of Hugh Karp, the CEO of Nexus Mutual’s DeFi coverage site.
According to a Nexus Mutual disclosure, by compromising Karp’s personal computer, the funds were drained on Monday morning UTC. A compromised version of MetaMask was reportedly installed by the hacker, which tricked Karp into signing a transaction that redirected all his NXM tokens to an attacker-controlled address.
The loot, worth $8.2 million as of press time, amounts to 370,000 NXM. The hacker has already started converting tokens to Ether (ETH), with a cumulative balance of more than $200,000.
A hardware wallet was used by Karp, according to Nexus Mutual. However, by replacing a legal transaction with his own, the attacker circumvented the security. By requiring confirmation on the computer itself, where the display should be protected against this sort of tampering, some hardware wallets should provide security against these types of attack.
The intruder was a member of the mutual. 11 days ago, he passed the know-your-client verification. However with inquiries still underway, the perpetrator was not thoroughly identified. In order to receive NXM tokens, the attacker had to be a verified member of the mutual, although a Nexus Mutual group manager told that they were “working on the presumption that [the hacker] may have committed identity fraud.”
After the attack happened, the price of NXM token has dropped 17%, although the protocol itself has not been affected. The NXM stolen in the hack, however, amounts to around 6% of all tokens in circulation, which may lead to considerable price downward pressure.
Karp later supplemented the intruder with “a very nice trick.” In exchange for returning the tokens, he offered a $300,000 reward and dropped all charges, reasoning that the hacker would encounter difficulties converting the NXM into more liquid forms of currency.