Nexus Mutual Founder Details Firsthand Account of $8M MetaMask Hack

In Brief
  • Hugh Karp's PC was compromised before the attack.

  • MetaMask browser extension replaced.

  • Ledger users are now targets for similar personal attacks.


The founder of DeFi insurance protocol Nexus Mutual has published a postmortem on a targeted attack using MetaMask that resulted in the personal loss of $8 million in crypto assets.



On Dec. 14, Nexus Mutual founder Hugh Karp had a nasty surprise when he was tricked into making a transaction to an attacker’s address via MetaMask. This resulted in the loss of 370,000 Nexus Mutual tokens (NXM) worth around $8.4 million at the time.

Karp has now detailed the attack in the hope that others will not fall victim to the same scam.



Windows PC and MetaMask Compromised

The DeFi expert stated that he was using a Ledger connected via MetaMask to interact with the Nexus Mutual application at the time on a computer running Microsoft Windows.

A few days earlier, Karp noticed some screen flickering while composing an email but didn’t pay it much attention. An hour later, on Dec. 11, the MetaMask extension was altered on disk and replaced with a malicious version.

On the day of the attack, he went to claim some shield mining rewards through the MetaMask extension, which popped up a spoof transaction instead of one to the intended destination. The transaction appeared on the Ledger and went through, but there was no confirmation from the Nexus Mutual app, which is when the penny dropped.

He added that he should have been more careful in checking the transaction details, but the vulnerability was his PC, which was likely hijacked by malware.

“While most Metamask attacks phish your private keys by tricking you into downloading a malicious version, this was not the case here.”

Karp has been working with cybersecurity experts at Kaspersky, but the actual exploit is still unknown. He added that MetaMask, which has begun beefing up its security, is a clear target of many attacks, and:

“DeFi power users should probably assume Metamask is compromised at all times unless they are running it on a separate clean machine that does nothing but sign transactions.”

Ledger Users Be Warned

Following the recent Ledger data breach, anyone owning this hardware wallet is likely to become a similar target. Hackers now have access to their emails, phone numbers, and address details thanks to slack security from the French wallet manufacturer.

Some of the community set up a Gitcoin grant to compensate Karp for some of his losses; however, he stated that he doesn’t feel that he should be compensated. He suggested raising a bounty to fund the development of a highly secure solution for interacting with smart contracts designed for retail users.

No such luxuries are available to Ledger owners who get hacked. The company has already stated it has no intention of offering refunds or assistance.


Martin has been writing on cyber security and infotech for two decades. He has previous trading experience and has been actively covering the blockchain and crypto industry since 2017.
