Nexera Burns 32.5M NXRA Tokens After Major Security Breach


Nexera burned millions of NXRA tokens that were involved in its Aug. 7 hack to prevent the stolen tokens from being used, traded, or circulated in the market.

Nexera has burned 32.5 million NXRA tokens that were involved in a recent hack. The exploit was part of a broader coordinated attack, and led to the theft of $1.5 million in digital assets. Meanwhile, the hacker behind the Rain crypto exchange breach has started laundering stolen crypto through Tornado Cash, while funds from the Unizen hack have also recently been moved to the mixer. Additionally, an MEV bot accidentally exploited Ronin but has already returned almost all of the funds.

Nexera Burns Millions of NXRA After Exploit

Nexera, a decentralized finance (DeFi) protocol, has burned 32.5 million NXRA tokens that were involved in a hack as part of its plan to address the incident and improve security. According to a post by blockchain security firm PeckShieldAlert, these tokens have been permanently removed from circulation. 

After the breach, Nexera announced that it would take several steps to address the hack, and that its smart contracts were not compromised. However, to mitigate the damage, the team quickly froze the remaining 32.5 million NXRA tokens in the attacker’s wallet after determining that only $440K of the total NXRA tokens transferred were actually compromised.

These tokens were burned to support the stability of the Nexera ecosystem and to prevent the stolen tokens from being used, traded, or circulated in the market. This will also lessen the potential market impact.

Nexera was exploited on Aug. 7, which resulted in the theft of $1.5 million worth of digital assets, including NXRA tokens. It was targeted in a coordinated attack affecting multiple projects and protocols. The hacker stole 47 million NXRA tokens, valued at approximately $1.76 million, and started selling a portion for Ethereum (ETH). The hacker also transferred some funds to the BNB Chain.

Nexera shared that the exploit was part of a broader coordinated attack and assured users that there was no need to issue a new NXRA token, as the existing token address would remain the same. Users were advised to stop trading since the attacker engaged with exploit-related addresses on KuCoin and MEXC. As a result, these exchanges suspended their services. Some other exchanges were also notified and urged to take similar action.

Rain Exchange Hacker Starts Laundering Funds

Meanwhile, the hacker behind the recent attack on the Rain crypto exchange has started laundering stolen Ethereum through the crypto mixer Tornado Cash. Blockchain security firm PeckShield flagged the move, and revealed that the attacker transferred 1,155 ETH, which is worth about $2.9 million, to Tornado Cash. This means that the hacker is actively trying to obscure the origins of the funds and make them harder to trace.

The Rain crypto exchange was exploited on April 29. Close to $14.1 million worth of various cryptocurrencies, including Bitcoin, Ethereum, Solana, and XRP, were transferred to a new wallet under suspicious circumstances. On-chain sleuth ZachXBT first reported the exploit on May 13, and shared more details about the suspicious transactions that took place two weeks prior.

AJ Nelson, co-founder of Rain, confirmed the breach in an X post, and assured users that the exchange covered the stolen assets from its funds to make sure the platform continues operating normally. 

Tornado Cash is a decentralized, non-custodial privacy solution built on Ethereum. It uses zero-knowledge proofs to break the on-chain link between the source and destination of funds. While it is valuable for privacy-conscious users, malicious actors have taken advantage of it to launder stolen cryptocurrencies.

Stolen Unizen Funds Move to Tornado Cash

An exploiter-labeled address that is linked to the DeFi protocol Unizen hack has transferred 865.4 ETH, worth almost $2.16 million, to Tornado Cash. PeckShield flagged the exploiter’s transfer to the mixing service on Aug. 7. This was the first movement of the stolen funds since Mar. 8. 

Around the time of the hack, Unizen announced that users who lost $750,000 or less would be reimbursed. Refunds started on Mar. 11.

On Aug. 7, stolen funds, including the Maker Protocol stablecoin Dai, started to leave the exploiter wallet for the first time since the Unizen hack about 151 days ago. At 4:12 a.m. UTC, 500,000 DAI was sent out, followed by another outflow of 1,679,859 DAI, bound for an unknown wallet. From 4:14 a.m., the exploiter started converting the 2,179,859 DAI into 863.67 ETH. The exploiter then started sending out the ETH from 5:35 a.m. to Tornado Cash through 26 separate transactions.

On Mar. 11, Unizen announced that the firm’s CEO, Sean Noga, loaded funds to facilitate refunding lost funds back to victims of the $2.16 million hack. The announcement explained that returned funds would be in Tether (USDT) or USD Coin (USDC). For users who lost more than $750,000 during the hack, the DeFi protocol would handle those victims on a case-by-case basis.

After the exploit in March, Unizen’s chief technology officer, Martin Granström, stated that the firm was working with third-party security firms and law enforcement to identify the hacker. Granström also announced that the firm would share an incident report and invest more in security in the future.

MEV Bot Accidentally Exploits Ronin, Returns ETH

The maximum extractable value (MEV) bot that drained 3,996 ETH from the Ronin network bridge on Aug. 6 has returned almost all of the funds, according to data from block explorer Etherscan. This indicates that the bot may have accidentally front-run the attack. At the time the ETH was returned, it was worth more than $10 million. 

The bot returned the funds at 3:04 p.m. UTC, with a total of 3,991 ETH transferred to the Ronin team, while the remaining 5 ETH has not been returned. The Ronin team announced the return on social media, and stated that the bot’s owner was being rewarded $500,000 for discovering the exploit. The team said it would only allow the bridge to be reopened after the vulnerability is patched and an audit is performed.

MEV bots are programmed to copy transactions and pay a higher gas fee to execute them first if doing so is profitable. For this reason, they sometimes accidentally exploit protocols. If an attacker tries to exploit a protocol but fails to pay a high enough gas fee, an MEV bot may automatically copy the attack and drain a protocol of funds. In these cases, the bot’s owner usually returns the funds to the victim, which happened in this case.

In July, a similar case happened when an MEV bot drained the Rho Markets protocol of over $8 million. The bot’s owner eventually returned all of the funds.

AI Security System Rivals Top Pentesters

Interestingly, an AI-powered automated security testing system has matched the performance of leading cybersecurity experts in a recent experiment after solving the same number of penetration-testing benchmarks in less than 1.1% of the time it took its human counterparts. On Aug. 5, XBOW founder and CEO Oege de Moor published the results, showing XBOW AI’s penetration testing capabilities against professional human penetration testers, or “pentesters.”

A penetration test is an authorized, simulated cyberattack on a computer system to evaluate its security.

XBOW created 104 novel benchmarks, covering various vulnerabilities that are designed to be unsolvable through web searches. Five professional human pentesters from leading cybersecurity firms were given 40 hours to solve them. The principal pentester, Federico Muttis, solved the same number as the AI system, but XBOW completed the tasks in 28 minutes, compared to the 40 hours it took Muttis.

104 novel XBOW benchmarks (Source: XBOW)

Muttis was shocked at the AI’s performance, and stated that he expected the AI to be unable to solve some of the challenges he tackled. Pentesters are cybersecurity professionals who specialize in testing the security of computer systems, networks, and web applications, typically using the same tools and techniques as malicious hackers but for defensive purposes.

The advantage of AI over human counterparts is its ability to run continuously during software development. This ensures that vulnerabilities are identified and addressed while the system is still under development, well before bad actors even have a chance to exploit them.

Several security experts say the advancements in AI-powered security testing could greatly benefit the crypto industry, which has been plagued by over $1.4 billion in hacks this year already.

This article was originally posted on Coinpaper.com