Editor's Note: This article comes fromCybtc Blockchain (ID: cybtc_com), reprinted by Odaily with authorization.
Editor's Note: This article comes from
Cybtc Blockchain (ID: cybtc_com)
Cybtc Blockchain (ID: cybtc_com)
, reprinted by Odaily with authorization.
Many people may think that this only exists in stories, but today it is played out in real life.
On December 14, the DEFI insurance agreement Nexus Mutual tweeted that the personal address of its founder Hugh Karp was attacked by a platform user, and 370,000 NXM was stolen, with a loss of more than $8 million. It has to be said that the story did come from Life.
Nexus Mutual is a DEFI insurance agreement, which is mainly used to protect problems caused by smart contract code loopholes and prevent losses caused by hackers attacking these loopholes. Currently, the only well-known insurance projects in DEFI are Nexus Mutual and Opyn. Therefore, it can be seen that Nexus Mutual still has great advantages in the field of DEFI segmentation.
According to the data of relevant materials, Nexus Mutual is applied to the smart contract guarantee of multiple DEFI protocols. It can be seen that its business still has certain market demand.
image description
Source: HOW TO DEFI
The official stated that this was a targeted attack, only the address of the founder was affected, and there was no subsequent risk to Nexus Mutual or other members. The main details are that its founder Karp used a hardware wallet. The attacker took control of his computer and then modified the wallet plug-in MetaMask to trick him into signing transactions and transferring funds to the attacker's own address.
However, because Nexus Mutual requires customers to register for KYC before using it, the attacker completed KYC 11 days ago, and then changed to a new address, and currently does not know the authenticity of this KYC information. Of course, if this KYC If the information is false, it may be a loss for Karp.
Even if the hacker's KYC information is true, it will be fatal to the reputation of Nexus Mutual. Being attacked in the field he is most familiar with can be said to be the biggest provocation and slap in the face of the hacker. This is for a DEFI insurance company. For the project side, it is the biggest problem, and it also makes the public doubt its technical capabilities.
After hackers steal coins, the inevitable next step is to convert NXM to wNXM, and then cash out on various trading platforms. At this time, KYC basically loses its effect. Therefore, for users holding wNXM, it is necessary to Pay attention to currency price risks, and users who currently hold wNXM leveraged tokens should pay more attention to risks.
For users watching the excitement, what needs to be noted here is that we all know that hackers spread the net to steal digital assets, such as hacking a certain platform, and then looking for passwords or user accounts with weak protection capabilities. Or attack the computers of ordinary users on a large scale, install viruses, and then wait on the sidelines. However, in the past few years, attacks against designated users have also begun to increase. For users with large assets, they have to guard against it.
Generally speaking, attacks against designated users are more troublesome and complicated, and the difficulty is also very high. Therefore, in the past, such incidents were basically committed by acquaintances, but sometimes they were specially targeted. This type of event is set with a special process, we can divide this type of event into the following steps:
1. Collect target user information
2. Contact and interact with target users on the grounds of certain things
3. Send viruses to control the target user's equipment
4. Take the bait
