Two days ago, a hacker tricked Nexus Mutual CEO Hugh Karp into signing a transaction that directed 370,000 NXM ($8 million) directly into the hacker's pockets.
After the attack, which was described by Karp as a "neat trick," the Nexus Mutual CEO offered the hacker the chance to return the stolen funds in full in exchange for $300,000. Instead, the hacker has since cashed out at least half of the stolen funds into Bitcoin, and has now directly asked Karp for ransom money representing almost ten times more than the bounty offered.
"Hello Hugh. I will not sell xNXM any more until xNXM recovers his value or you send me 4.5k ETH. If you need any negotiation with me, send msg to my eth address. Following your addresses. You are rich, Hugh," the hacker said.
"Hello Hugh. I will not sell wNXM any more until wNXM recovers his value or you send me 4.5k ETH.If you need any negotiation with me, send msg to my eth address.Following are your addresses. You are rich, Hugh.0x87B2a7559d85f4..." - 0x07840..482https://t.co/PwH8yIk7aL
As reported by Decrypt, the hacker seemingly managed to conduct a remote access hack on the Nexus Mutual CEO that employed the combination of a modified Metamask and hardware wallet.
New data from blockchain analytics company Scorechain has shown what happened since a hacker stole about 370,000 NXM ($8 million) from Nexus Mutual CEO Hugh Karp yesterday.
The hacker used a combination of a modified Metamask and hardware wallet to trick Karp into signing a transaction that directed funds to the attacker’s address. Described as a “targeted personal attack” by Nexus Mutual, and a “very nice trick” by Karp himself, new data sheds light on exactly what happened.
According to Sco...
Based on data provided by Scorechain, the hacker converted the stolen funds to wrapped NXM, then sold the wrapped NXM for ETH, before once again swapping the ETH into renBTC. This enabled the hacker to cash out half of the stolen funds into Bitcoin.
But there are still plenty of stolen funds yet to be cashed out.
Update: This article has been corrected to show it was 4,500 ETH not 450,000 ETH as originally written.
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
When Netflix quietly announced plans to remove “Bandersnatch”—the groundbreaking interactive episode from Black Mirror—futurist and journalist Katie Schultz launched a campaign to preserve what she calls a pivotal moment in streaming history.
Outraged at what she saw as the quiet erasure of a significant chapter in streaming innovation, Schultz launched a Change.org petition to preserve Bandersnatch—and within days, it gathered more than 6,500 signatures from show supporters.
“This isn't just ab...
Brazil might pull the plug on popular chat app Discord after a failed terrorist attack at Lady Gaga's mega-concert revealed the platform was used to plan violence against LGBTQ+ attendees.
Brazilian Deputy Guilherme Boulos formally requested Discord's suspension last week, just days after police foiled a plot to attack Lady Gaga's May 3 show at Copacabana Beach—a massive event that drew over 2.1 million people. Authorities conducted their "Fake Monster" operation across four states, executing 15...
People are being tricked into downloading fake AI tools as a way to spread the information stealer malware Noodlophile.
This malware is able to harvest browser credentials, cryptocurrency wallet information and more sensitive data, according to a security researcher.
Morphisec researcher Shmuel Uzan said, in a report, "Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms – often advertised via legitimate-looking Facebook groups and viral...