DeFi

Ronin

Nexera

Nexera protocol has been exploited for $1.5 million worth of digital assets in another smart contract security incident.
Nexera, a <a href="https://cointelegraph.com/learn/defi-a-comprehensive-guide-to-decentralized-finance">decentralized finance (DeFi)</a> protocol aiming to bridge DeFi with traditional finance, was hacked for $1.5 million worth of Nexera (NXRA) tokens, <a href="https://x.com/CyversAlerts/status/1821069428630679920" target="_blank" rel="noopener nofollow">according</a> to an Aug. 7 X post by Cyvers:
<blockquote data-ct-non-breakable="true">
 “Our system has detected a suspicious transaction involving your proxy contract.&nbsp;An address took ownership of your proxy contract and upgraded it. Shortly after, the address used the withdraw admin function to transfer all the $NXRA tokens.”
</blockquote>
<figure data-ct-non-breakable="true">
 <img src="https://s3.cointelegraph.com/uploads/2024-08/fa868aaa-8697-47a0-8828-12b7af1b13b2.jpeg" alt="DeFi protocol Nexera hacked for $1.5M via smart contract exploit" title="">
 <figcaption style="text-align: center;">
 Nexera exploit. Source: Cyvers
 </figcaption>
</figure>
While the $1.5 million counts as a relatively small incident, it comes only a <a href="https://cointelegraph.com/news/ronin-network-exploit-9-8m-eth-white-hat-hacker">day after Ronin Network was exploited</a><a href="https://cointelegraph.com/news/ronin-network-exploit-9-8m-eth-white-hat-hacker"></a> for $9.8 million worth of Ether (<a href="https://cointelegraph.com/ethereum-price">ETH</a>) tokens by a suspected white hat hacker, who returned all the lost funds within a few hours.
Related: <a href="https://cointelegraph.com/news/top-50-cryptos-lose-2024-gains-510b-selloff">$510B crypto sell-off wipes 2024 gains for top 50 coins</a>
<h2 data-ct-non-breakable="true" id="the-hacker-is-already-on-the-run-with-the-funds">The hacker is already on the run with the funds</h2>
Showcasing the malicious intent of the incident, the hacker is already on the run with the stolen funds.
The hacker has started selling part of the NXRA tokens for Ether, according to Cyvers:
<blockquote data-ct-non-breakable="true">
 “The address is currently selling all the tokens for $ETH, and some of the funds have already been bridged to the $BNB chain. The total estimated loss is around $1.5 million.”
</blockquote>
Hackers often convert their stolen tokens into Ether, to launder the funds via cryptocurrency mixers like Tornado Cash, making the origin of the funds more difficult to trace for cybersecurity firms.
Related: <a href="https://cointelegraph.com/news/market-makers-sold-300m-ether-august-2024">Market makers sold over $300M Ether as ETH price crashed below $2,200</a>
<h3 data-ct-non-breakable="true" id="nexera-hacker-connected-to-previous-exploits-onchain-investigator">Nexera hacker connected to previous exploits — Onchain investigator</h3>
This isn’t the first malicious incident caused by the exploiter, according to onchain data.
The exploiter’s addresses are connected to previous private key compromises as well, according to onchain investigator ZachXBT, who wrote in an Aug. 7 Telegram post:
<blockquote data-ct-non-breakable="true">
 “Attacker is connected on-chain to recent private key compromise incidents such as SpaceCatch, Concentric Finance, OKX DEX, Serenity Shield, Reach, and many more.”
</blockquote>
<figure data-ct-non-breakable="true">
 <img src="https://s3.cointelegraph.com/uploads/2024-08/16a44768-4cea-400e-b0ae-ec78a838e9da.jpg" alt="DeFi protocol Nexera hacked for $1.5M via smart contract exploit" title="">
 <figcaption style="text-align: center;">
 Nexera exploit, stolen fund flow. Source: ZachXBT
 </figcaption>
</figure>
The exploit occurred nearly three weeks after a hacker stole over <a href="https://cointelegraph.com/news/indian-crypto-exchange-wazirx-hack-235m">$230 million from WazirX</a>, an Indian cryptocurrency exchange, in the second-largest cryptocurrency hack of 2024 so far.
Magazine: <a href="https://cointelegraph.com/magazine/5-ways-crypto-bots-are-ruining-crypto-including-auto-memecoin-rug-pulls/">How crypto bots are ruining crypto — including auto memecoin rug pulls</a>

DeFi protocol Nexera hacked for $1.5M via smart contract exploit

Table of Contents

Cointelegraph

Other articles published on Aug 7, 2024

JITO Foundation Releases Code for Jito Restaking on Solana

Hundreds of Dormant Crypto Wallets Transfer Billions in ETH

Best Decentralized Crypto Exchanges

Polkadot’s Price Dips Sharply

Here’s Why Dogecoin Holders See More Benefit In Investing Mpeppe (MPEPE)

Ethereum Price Recovery Likely as BOJ Softens Rate Hike Talk

Join our free newsletter for daily crypto updates!