DeFi protocol Nexera hacked for $1.5M via smart contract exploit

Nexera protocol has been exploited for $1.5 million worth of digital assets in another smart contract security incident.

“Our system has detected a suspicious transaction involving your proxy contract. An address took ownership of your proxy contract and upgraded it. Shortly after, the address used the withdraw admin function to transfer all the $NXRA tokens.”

The hacker is already on the run with the funds

Showcasing the malicious intent of the incident, the hacker is already on the run with the stolen funds.

The hacker has started selling part of the NXRA tokens for Ether, according to Cyvers:

“The address is currently selling all the tokens for $ETH, and some of the funds have already been bridged to the $BNB chain. The total estimated loss is around $1.5 million.”

Hackers often convert their stolen tokens into Ether, to launder the funds via cryptocurrency mixers like Tornado Cash, making the origin of the funds more difficult to trace for cybersecurity firms.

Nexera hacker connected to previous exploits — Onchain investigator

This isn’t the first malicious incident caused by the exploiter, according to onchain data.

The exploiter’s addresses are connected to previous private key compromises as well, according to onchain investigator ZachXBT, who wrote in an Aug. 7 Telegram post:

“Attacker is connected on-chain to recent private key compromise incidents such as SpaceCatch, Concentric Finance, OKX DEX, Serenity Shield, Reach, and many more.”