- On Dec. 14, the Nexus Mutual founder was hacked for $8 million NXM tokens.
- The KYC-documents, Reddit conversations, and IP tracking unearthed a few clues, but the attacker has been unaffected.
- Meanwhile, the hacker has laundered nearly $3.2 million and now demands another $2.7 million for the remaining wNXM tokens.
Share this article
The Nexus Mutual hacker sent a direct message to Hugh Karp’s Ethereum address this morning, demanding 4,500 ETH worth ($2.7 million) in exchange for the remaining loot.
Nexus Mutual Hacker Unloads on DEXes
The price of Nexus Mutual’s NXM tokens has dropped 15% since the hack. The perpetrator now intends to wait for price recovery before unloading the rest.
While waiting, the hacker has asked the Nexus Mutual founder, Hugh Karp, for a $1.7 settlement to return the remaining loot.
Immediately after the incident on Monday, the attacker converted the KYC-ed NXM tokens to Wrapped NXM (wNXM) on Ethereum, using decentralized exchanges 1inch and Matcha.
Later, the perpetrator laundered $2.7 million, converting wNXM to 137 renBTC stored in two addresses.
During the 12-hour deadline, Hugh Karp placed on the entity to either return the funds for a $300k bounty or face legal consequences.
The attacker has displayed a total disregard for Karp’s threats.
Brave or Stupid?
Today, the assailant converted another $500,000 wNXM into Ethereum and has paused for price recovery before unloading more. The attacker used Tornado Cash, a privacy tool for masking Ethereum transactions, and 1inch exchange to convert wNXM to ETH.
The leftover wNXM tokens, worth nearly $4.5 million, are still at the hacker’s disposal.
The hacker is messaging Hugh directly on-chain and asking 4.5k ETH in return of the remaining wNXM. That’s ~$2.7M that Hugh needs to pay to rescue wNXM and a nice “token swap” from the vermin to exit this illiquid market into good cash ETHhttps://t.co/dWOIAxWlyU https://t.co/o8Pmm3gwg2 pic.twitter.com/8PnteEYYzv
— Julien Bouteloup (@bneiluj) December 16, 2020
So far, the hacker’s KYC documents on Nexus Mutual have revealed a location in Singapore. The IP address, nonetheless, tracked a Japanese site.
Despite the sophistication in carrying out the attack, the attacker seems to have made a few clumsy mistakes, making them vulnerable to IP address tracking. However, it is also possible that the hacker is using a VPN service to mislead investigators.
The audacity of the hacker doesn’t indicate any fear of getting caught.
Nexus Mutual Founder Loses $8 Million in MetaMask Attack
Hackers have drained $8 million in NXM tokens from Nexus Mutual founder Hugh Karp. While Karp is confident of catching the culprits, hackers are already converting the stolen funds on…
$8 Million Nexus Mutual Hacker Lives in Singapore, Says Team
The attacker who stole more than $8 million worth of NXM from Hugh Karp has cashed out a significant portion of his stash. Nexus Mutual has identified many clues pointing…
DeFi Review: What Is Nexus Mutual? Introduction to NXM
Nexus Mutual offers DeFi investors “cover” or “protection” for specific activities within the crypto ecosystem. It’s essentially insurance, but for legal reasons, the team isn’t allowed to call it that….
Credit: Source link