CEO of Nexus Mutual Hacked for $8M. Follow our investigation

By:

loading

SCORECHAIN

Date: December 15th 2020

Published on: Investigation

Tags:

AML, AML/CTF, Blockchain Analytics, Crypto Hack,

CEO of Nexus Mutual Hacked for $8M. Follow our investigation

  • A hacker has remotely modified the MetaMask wallet used by Nexus CEO Hugh Karp.
  • He changed a transaction to send the CEO’s funds to his own wallet.
  • The hacker has taken $8 million of Karp’s funds.1

#1 Hack transaction: 370000 NXM ~ 8 millions USD


#2 wrap the NXM to wrapped NXM (only NXM is tradable on Uniswap). it means that  the hacker presumably went through a KYC process because only KYCd users can move NXM


#3 moved wNXM to 0x03e89f2e1ebcea5d94c1b530f638cea3950c2e2b


#4 then there is a lot of swaps using Uniswap (through 1inch to find optimal swap routes)

#5 then he swap all the ETH to renBTC


#6 the hacker(s) burn the renBTC to receive BTC on the Bitcoin blockchain on currently 3 transactions: 46,14 renBTC – 75,93 renBTC – 15,12 renBTC


#7 Now we are on the bitcoin blockchain thanks to the Ren protocol


Please Note Ren Protocol has been used recently by Harvest Finance hackers (฿81.477474) 


#8 Wallet has received the 122 BTC


#9 renBTC burn is planned to this address 3BLjbZkjY2rtvF3mmmFtRcDpbdpVpGPTVS 


#10 Hacker has now 147 BTC

The hacker still have 198K NXM to cashout (53%) => he already managed to cashout in BTC the half of the stolen funds

Last update on Dec 15 2020, 11:00am CET

Read more on

1https://decrypt.co/51355/hacker-steals-8-million-from-nexus-ceo-by-remotely-changing-metamask