Nexera, a blockchain infrastructure protocol specializing in tokenization, has been exploited, resulting in a loss of $1.5 million.
The company, previously known as AllianceBlock, announced the breach on X, indicating that they are actively investigating the incident.
In response to the exploit, Nexera has paused the NXRA token contract and halted trading on decentralized exchanges.
The company added that efforts are underway to communicate with centralized exchanges to suspend trading activities as well.
Announcement
The team is investigating an exploit involving smart contracts containing NXRA tokens.
While we are still finalizing our findings, there are already a couple of things that we can share:
1️⃣ The $NXRA token contract has already been paused. Trading is halted on…— Nexera (@Nexera_Official) August 7, 2024
NXRA Token Drops After Hack
As of now, the NXRA token is trading at $0.033, a 40% drop since the exploit, based on CoinMarketCap data.
Data from Zapper indicates the attacker currently possesses 32.5 million NXRA tokens, valued at $1.23 million, along with $555,000 in tether’s USDT stablecoin.
Meanwhile, the hacker has begun liquidating NXRA tokens for Ether.
Cyvers reported that some of these funds have already been transferred to the BNB chain.
“The address is currently selling all the tokens for $ETH, and some of the funds have already been bridged to the $BNB chain. The total estimated loss is around $1.5 million,” Cyvers said.
🚨ALERT🚨Hey @Nexera_Official,
Our system has detected a suspicious transaction involving your proxy contract.
An address took ownership of your proxy contract and upgraded it. Shortly after, the address used the withdraw admin function to transfer all the $NXRA tokens.The… pic.twitter.com/Of4bAD7UiP
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) August 7, 2024
Hackers often convert stolen tokens into Ether to launder the funds using cryptocurrency mixers like Tornado Cash, complicating the tracing efforts of cybersecurity firms.
On-chain data suggests this isn’t the first malicious act by the exploiter.
Blockchain investigator ZachXBT disclosed on Telegram that the attacker is linked to several recent incidents involving compromised private keys, including those affecting SpaceCatch, Concentric Finance, OKX DEX, Serenity Shield, and Reach.
Hackers Steal $266M in July
The crypto sector faced significant losses in July as hackers stole approximately $266 million through 16 separate breaches.
Among the most notable incidents was the July 18 attack on Indian crypto exchange WazirX, which accounted for over $230 million, or 86.4%, of the month’s total losses.
Other significant victims of July’s crypto hacks included algorithmic protocol Compound Finance, which lost $24 million, bridging protocol Li.Fi ($10 million), decentralized AI protocol Bittensor, and liquidity provider Rho Markets, each losing $8 million.
In many instances, the stolen funds were moved to the cryptocurrency mixer Tornado Cash, a technique used by hackers to obscure the origin of the funds and evade detection.
In contrast to July, June saw a lower loss of $176 million spread across approximately 20 incidents, highlighting a sharp increase in the value of stolen assets in just one month.
A notable incident at the end of July involved the Terra blockchain, which temporarily halted operations at block height 11430400 following a hack that resulted in the theft of $6 million.
The attacker exploited a known vulnerability to steal 60 million ASTRO tokens, 500,000 USD, 3.5 million USD Coin, and 2.7 Bitcoin.
More recently, the United States Homeland Security Investigations (HSI) charged a Las Vegas resident for operating a fraudulent cryptocurrency recovery scheme.