fxs_header_sponsor_anchor

DeFi protocol Nexera hacked for $1.5 million via smart contract exploit

Nexera protocol has been exploited for $1.5 million worth of digital assets in another smart contract security incident.

Nexera, a decentralized finance (DeFi) protocol aiming to bridge DeFi with traditional finance, was hacked for $1.5 million worth of Nexera (NXRA) tokens, according to an Aug. 7 X post by Cyvers, that wrote:

Our system has detected a suspicious transaction involving your proxy contract. An address took ownership of your proxy contract and upgraded it. Shortly after, the address used the withdraw admin function to transfer all the $NXRA tokens.

Nexera exploit. Source: Cyvers

While the $1.5 million counts as a relatively small incident, it comes only a day after Ronin Network was exploited for $9.8 million worth of Ether (ETH $2,526) tokens, by a suspected white hat hacker, who returned all the lost funds within a few hours.

The hacker is already on the run with the funds

Showcasing the malicious intent of the incident, the hacker is already on the run with the stolen funds.

The hacker has started selling part of the NXRA tokens for Ether, according to Cyvers:

The address is currently selling all the tokens for $ETH, and some of the funds have already been bridged to the $BNB chain. The total estimated loss is around $1.5 million.

Hackers often convert their stolen tokens into Ether, to launder the funds via cryptocurrency mixers like Tornado Cash, making the origin of the funds more difficult to trace for cybersecurity firms.

Nexera hacker connected to previous exploits: on investigator

This isn’t the first malicious incident caused by the exploiter, according to onchain data.

The exploiter’s addresses are connected to previous private key compromises as well, according to onchain investigator ZachXBT, who wrote in an Aug. 7 Telegram post:

Attacker is connected on-chain to recent private key compromise incidents such as SpaceCatch, Concentric Finance, OKX DEX, Serenity Shield, Reach, and many more.

Nexera exploit, stolen fund flow. Source: ZachXBT

The exploit occurred nearly three weeks after a hacker stole over $230 million from WazirX, an Indian cryptocurrency exchange, in the second-largest cryptocurrency hack of 2024 so far.

Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers.


RELATED CONTENT

Loading ...



Copyright © 2024 FOREXSTREET S.L., All rights reserved.