Nexus Mutal was hacked via a malicious payload that compromised mnemonic keys. Once the hacker gained control of NXM, 1inch network was used to swap for ethereum. The attacker also used RenBTC to swap chains to Bitcoin. The tactics are almost identical to the EasyFi attack. Over 250 ethereum were sent through tornado cash. 1,409 ethereum was swap for wBTC before hopping chains to bitcoin via 0x7725bc1d3b00b7f55044fc60fb1f4a1a28b8fccd49344a6ef5ad405dc1eedc02. An ethereum wallet connected to Nexus Mutal attacker received .37 eth from Easy Fi via this transaction hash 0xeaaabcafafe474cdac5d1f231a790e805fb72d1e27cd6f3e2d90c5635fe61cde.