The hacker was able to gain access to Karp’s computer and modify the metamask extension.
Karp tweeted out at the hacker asking for the money back in exchange; he would give the hacker $300,000.
Attacker.— Hugh Karp 🐢 (@HughKarp) December 14, 2020
The mempool is a dark forest, but the IPs on the internet are quite transparent.
I'm still happy to honour the bounty if you return the funds (less the bounty) within the next 12 hours. No questions asked.
To the attacker. Very nice trick, definitely next level stuff.— Hugh Karp 🐢 (@HughKarp) December 14, 2020
You'll have trouble cashing out that much NXM.
If you return the NXM in full, we will drop all investigations and I will grant you a $300k bounty.
The hacker was able to construct a scheme more ingenious than the Nexus Mutual Project. Karp is responsible and uses a hardware wallet, but that seemed to be no match as the hacker gained remote access through Karp’s computer. The hacker modified Karp’s metamask extension, tricking him into signing away his hard work. So much being an insurance company, probably should’ve covered his own ass.
The good thing about the hack is Nexus Mutual and its members were not harmed by this… yet. The hack seemed to be a personal attack on Karp.
The hacker converted the 370,000 NXM of stolen funds into wrapped NXM (WNXM). It’s reported the attacker also cashed out up to half of the WNXM by converting it into Bitcoin. RIP.
The interesting part about this story is the dialog between the hacker and Karp. The hacker said in the input data of an Ethereum transaction, “Hello Hugh. I will not sell wNXM anymore until wNXM recovers its value or you send me 4.5k ETH. If you need any negotiation with me, send msg to my eth address. Following are your addresses. You are rich, Hugh. 0x87B2a7559d85f4...”
Yikes Karp, this shit ain’t looking good for you
"Hello Hugh. I will not sell wNXM any more until wNXM recovers his value or you send me 4.5k ETH.If you need any negotiation with me, send msg to my eth address.Following are your addresses. You are rich, Hugh.0x87B2a7559d85f4..." - 0x07840..482https://t.co/PwH8yIk7aL
— EtherText (@EtherText) December 16, 2020
How will 2020 end for Karp and his company?
This whole situation does not look good for Karp and Nexus Mutual as the hackers have now threatened to dump the remaining WNXM into the market, which could make the coin plunge.
The community has since set up a gitcoin grant to compensate Karp. But he plans on taking all the funds raised to create a bounty and produce “A highly secure solution for interacting with smart contracts, designed for a retail user with fantastic UX.” Good luck with that!
Some of our community have set-up a gitcoin grant to donate to me personally to compensate for some of the hack losses.— Hugh Karp 🐢 (@HughKarp) December 19, 2020
While extremely kind I don't think I should be compensated.
There are still many questions to be answered.
How did the hacker get Karp’s IP?
What will the hacker do with the rest of the WNXM?
Will the hacker ever be caught?
Will Karp become the poster child of his own product the next time he gets hacked?