Nexera Loses $1.5 Million as Exploiters Commandeer Proxy Contract

Blockchain infrastructure developer Nexera was hacked on Wednesday, with the exploiter wasting no time before selling the loot.

It comes a day after the attack on the Ronin Bridge, highlighting just how much cyber attacks menace the industry.

Nexera Hacked, Exploiters Take Over Proxy Contract

Blockchain security firm Cyvers reported the incident, detecting suspicious transactions involving Nexera’s proxy contract. Based on the report, the exploiter upgraded the proxy contract, effectively assuming control, and is already selling the loot.

“An address took ownership of proxy contract and upgraded it. Shortly after, the address used the withdraw admin function to transfer all the NXRA tokens. The address is currently selling all the tokens for ETH, and some of the funds have already been bridged to the BNB chain. The total estimated loss is around $1.5 million,” Cyvers reported.

Read more: Crypto Project Security: A Guide to Early Threat Detection

Nexera Hack Report. Source: Cyvers

Certik also indicated “Nexera’s multisigs were exploited for 47.253M NXRA,” noting that the attacker was already bridging to the Binance Smart Chain.

Nexera confirmed the attack, noting the pausing of the NXRA token contract. Similarly, they halted trading of NXRA on decentralized exchanges, as the network works with centralized exchanges to halt trading. The network urges every token holder to cease trading until they resolve the issue.

“The team is investigating an exploit involving smart contracts containing NXRA tokens. While we are still finalizing our findings, there are already a couple of things that we can share: The NXRA token contract has already been paused. Trading is halted on decentralized exchanges, and we are working with centralized exchanges to halt trading. Everyone is advised to stop trading. We continue to investigate the exploit now and will come back here ASAP with follow-up steps,” Nexera reported.

Read more: Top 9 Safest Crypto Exchanges in 2024

The incident is already drawing attention, not just because it follows the recent Ronin incident, but because it marks the second attack on Nexera this cycle. In April, ALBT, a project building on Nexera, was compromised. Despite the theft of 100 million ALBT tokens, the incident was reportedly swept under the rug.

Neither Nexera nor its CEO and co-founder Rachid Ajaja immediately responded to BeInCrypto’s request for comment. This theft highlights the crypto industry’s persistent vulnerabilities as cyber threats escalate.

Nexera’s native token, NXRA, is down by 41% since Wednesday’s session opened.