Hackers Steal $8.2M Worth of NXM Tokens from Nexus Mutual CEO

Hugh Karp, the chief executive of decentralized finance (DeFi) provider Nexus Mutual, is the latest crypto heavyweight to suffer in the hands of malicious actors.

A Classic Phishing Scam 

Nexus Mutual revealed on Twitter that hackers had broken into Karp’s personal crypto wallet and drained his funds. The hacker managed to install a compromised version of MetaMask, the famous Ethereum-based crypto wallet, and tricked Karp into authorizing a transaction that diverted all his NXM tokens into their wallet.

Nexus explained that Karp had been using a hardware wallet. However, the attacker managed to break the protection protocols by replacing a legitimate transaction with his own. Details of the transaction show that the thief carted away about 370,000 NXM ($8.2 million presently.) On-chain data also indicates that the hacker seems to be converting the tokens to Ether already.

Investigations into the theft are still ongoing. Karp complemented the attacker on the smooth operation, which he calls a “very nice trick.” The CEO offered a $300,000 reward to the thief. He also promises to drop all charges against him in exchange for returning the stolen tokens.

“You’ll have trouble cashing out that much NXM. If you return the NXM in full, we will drop all investigations and I will grant you a $300k bounty,” Karp said.

Security Issues for MetaMask

MetaMask is one of the most famous wallet apps available. However, the service has seen an alarming number of phishing attacks and other hacks this year.

Earlier this month, blockchain forensics and security firm CipherTrace issued a warning after noting an uptick in the reports of a malicious Chrome browser extension for MetaMask that had been stealing user funds.

The warning, titled “ALERT: Malicious Crypto Browser Extension — Masked MetaMask,” explained that CipherTrace had seen a rise in comments and alerts within the online crypto community.

The company added that links to fake MetaMask sites are being reported to crypto projects and forums. Many of them also show up on Google ads above any legitimate search results whenever the “MetaMask” entry is entered into the search engine.

The primary MetaMask problem is phishing. There seem to be several fake sites touting the wallet, and many of them ask new visitors to enter their 12-word seed phrases to connect and upgrade their wallets. But, the hackers simply use the phrases to break into the wallets and steal the victims’ funds.

For its part, MetaMask has stressed that users should only download wallets from its official accounts on their app marketplaces.