Hugh Karp, the founder of DeFi insurance service Nexus Mutual (NXM), has reportedly lost over $8 million to a suspected hacker.
DeFi platforms and participants alike have seen millions of dollars in funds drained from their accounts by hackers throughout 2020.
370,000 NXM Tokens Stolen from Founder’s Wallet
Tweeting on Dec. 14 Nexus Mutual revealed that Karp’s personal wallet suffered a malicious breach earlier in the day. According to an initial investigation by the project, the suspected hacker gained remote access to Karp’s computer and modified his MetaMask extension.
The attacker then proceeded to deceive Karp into signing a transaction with the tainted MetaMask extension resulting in the loss of about 370,000 NXM tokens currently worth $8.2 million.
According to Nexus Mutual, the suspected hacker completed the platform’s know your customer (KYC) verification process earlier in December. However, they reportedly switched membership from the ‘KYC-ed’ address to a new crypto address.
Nexus Mutual Funds Safe Despite Attack on Founder
Despite the attack, Nexus Mutual says the project pools are safe, adding:
“Only Hugh’s address was affected in this targeted attack and there is no subsequent risk to Nexus Mutual or any members […] The mutual is not impacted; the pool of funds and all systems are safe. Our investigation is ongoing to identify the attacker and how they operated.”
As previously reported by BeInCrypto, Nexus Mutual rolled out its crypto custody insurance coverage service earlier in December. The cover is supposed to offer compensation for victims from hacks especially in the light of several flash loan exploits and opportunistic profiteering attacks in the DeFi space.
Back in September, Nexus Mutual also partnered with DeFi heavyweight Yearn.Finance to offer insurance cover for DeFi tokens.
According to blockchain intelligence firm CipherTrace, the DeFi space is now the new hunting ground for rogue actors in the crypto space. Indeed, while cryptocurrency theft is on the decline generally, the DeFi market has seen a spate of hacks and exploits leading to significant losses.