CEO of DeFi Insurer Nexus Mutual Hacked for $8M in NXM Tokens

Nexus Mutual's CEO, Hugh Karp, lost the tokens after an attacker gained remote access to his computer.

AccessTimeIconDec 14, 2020 at 1:11 p.m. UTC
Updated Sep 14, 2021 at 10:42 a.m. UTC

The CEO of decentralized finance (DeFi) insurer Nexus Mutual has lost the equivalent to over $8 million in a targeted attack, the firm disclosed Monday.

A total of 370,000 of the project's native NXM tokens were drained from Hugh Karp's address to one owned by the attacker at 09:40 am UTC, according to data source The transaction cost 0.00429472 ETH, or $2.49.

Hugh Karp's personal address transaction
Hugh Karp's personal address transaction

The attacker, also a Nexus Mutual member, completed KYC (know-your-customer) 11 days ago and switched to a new address on Dec. 3, before gaining remote access to Karp's computer and modified MetaMask wallet extension, according to the company's tweets. That tricked him into signing a different transaction that transferred funds from his hardware wallet to attacker's address.

Only Karp's address has been compromised and so far Nexus Mutual and its members have remained unaffected. "The mutual is not impacted; the pool of funds and all systems are safe," according to another tweet an hour ago.

Since news of the attack broke, the price of wrapped NXM tokens has declined by over 14% to 16.66 USDT (tether) on cryptocurrency exchange Huobi.

Some of the stolen funds have been transferred via decentralized exchange aggregator "We welcome any assistance to stop the funds, which will likely move quickly," Nexus said.

Nexus Mutual is a community-owned insurance alternative, offering protection from various risks in the DeFi ecosystem. Only members can participate in the network, buy cover and hold NXM tokens.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.

Read more about