{"id":132944,"date":"2020-12-14T15:36:48","date_gmt":"2020-12-14T12:36:48","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/founder-of-defi-protocol-nexus-mutual-gets-hacked-for-8m\/"},"modified":"2020-12-14T15:36:48","modified_gmt":"2020-12-14T12:36:48","slug":"founder-of-defi-protocol-nexus-mutual-gets-hacked-for-8m","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/founder-of-defi-protocol-nexus-mutual-gets-hacked-for-8m\/","title":{"rendered":"# Founder of DeFi protocol Nexus Mutual gets hacked for $8M"},"content":{"rendered":"

# Founder of DeFi protocol Nexus Mutual gets hacked for $8M
\n<\/strong>”
\n<\/p>\n

\nAn unknown attacker stole $8 million from the personal wallet of Hugh Karp, the CEO of DeFi coverage platform Nexus Mutual. <\/p>\n

According to a disclosure<\/a> by Nexus Mutual, the funds were drained on Monday morning UTC by compromising Karp\u2019s personal device. The hacker reportedly managed to install a compromised version of MetaMask that tricked Karp into signing a transaction that redirected all his NXM tokens to an attacker-controlled address.<\/p>\n

The loot<\/a> amounts to 370,000 NXM, worth $8.2 million as of press time. The hacker already began converting<\/a>\u00a0the tokens to Ether (ETH), with a total balance of 354 ETH worth more than $200,000.<\/p>\n

According to Nexus Mutual, Karp was using a hardware wallet. However, the attacker circumvented the protection by replacing a legitimate transaction with his own. Some hardware wallets should provide protection against these types of attack by requiring a confirmation on the device itself, where the display should be protected against this form of tampering.<\/p>\n

The attacker was a member of the mutual, having passed know-your-client verification 11 days ago. The attacker was not fully identified though, with investigations still pending. The attacker needed to be a verified member of the mutual in order to receive NXM tokens, though a Nexus Mutual community manager told Cointelegraph that they are “working on the assumption that [the hacker] could have committed identity fraud.”<\/p>\n

The NXM token dropped 17% since the attack occurred, although the protocol itself was not affected. Nonetheless, the NXM stolen in the hack amounts to app<\/a>roximately 6% of all tokens in circulation, which could pose significant downward pressure on price.<\/p>\n

Karp later complemented<\/a> the attacker for performing a “very nice trick.” He offered a $300,000 bounty and dropping all charges in exchange for returning the tokens, arguing that the hacker would have trouble in converting the NXM into more liquid forms of money.
\n