2 Scam Reports

Hacker

2

Nexus Mutal was hacked via a malicious payload that compromised mnemonic keys. Once the hacker gained control of NXM, 1inch network was used to swap for ethereum. The attacker also used RenBTC to swap chains to Bitcoin. The tactics are almost identical to the EasyFi attack. Over 250 ethereum were sent through tornado cash. 1,409 ethereum was swap for wBTC before hopping chains to bitcoin via 0x7725bc1d3b00b7f55044fc60fb1f4a1a28b8fccd49344a6ef5ad405dc1eedc02. An ethereum wallet connected to Nexus Mutal attacker received .37 eth from Easy Fi via this transaction hash 0xeaaabcafafe474cdac5d1f231a790e805fb72d1e27cd6f3e2d90c5635fe61cde.

1
2
Reported Addresses
Reported Address
bc1qfc8vkclmqlel5rugetw7xlwr6nmfrc7w57jkpa
Reported Address
0x09923E35f19687a524BbCa7d42B92B6748534F25
Reported Address
3BLjbZkjY2rtvF3mmmFtRcDpbdpVpGPTVS

+ 8 more

Hacker

2

EasyFi had admin keys compromised and attacker removed $6 million in liquidity from USD/DAI/USDT. EasyFi described the attack as a mnemonic key hack and confirmed the smart contracts were not exploited. The attacker used 1inch to swap 28 ethereum for Bitcoin and used RenBTC to chainhop to Bitcoin. Polygon Matic bridge was also used during the movement of funds. HitBTC was used to cash out some of the stolen ethereum.

0
2
Reported Addresses
Reported Address
bc1qfc8vkclmqlel5rugetw7xlwr6nmfrc7w57jkpa
Reported Address
0x83a2EB63B6Cc296529468Afa85DbDe4A469d8B37
Reported Address
bc1qfl085d0fxy8s6grja5qf8cgqvx8w94ufaygg9y

+ 7 more

Reports by Category

Backed By
TRM logoSolana logoCircle logoOpensea logoAave logoBinance logoCivic logoHedera logoRasomwhe.re logo