QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$145 000 USD
MAY 2025
GLOBAL
NEXO
DESCRIPTION OF EVENTS
Nexo is a comprehensive digital asset platform that empowers individuals, businesses, and institutions to build and manage wealth in the crypto economy. Since its founding in 2018, Nexo has grown to manage over $11 billion in assets and operate in more than 150 jurisdictions. The platform offers a full suite of services from crypto savings and trading to credit lines, debit/credit cards, and private wealth solutions—all accessible through a single, streamlined app.
At its core, Nexo provides flexible and fixed-term savings options that allow users to earn daily compound interest—up to 16% annually—on a wide range of digital assets including BTC, ETH, USDT, and fiat-pegged stablecoins. For those seeking more active strategies, Nexo also offers Dual Investment products and high-leverage futures trading.
The platform goes beyond personal finance, supporting credit-backed liquidity solutions through crypto-collateralized loans, starting at just 2.9% interest. It also features the Nexo Exchange, where users can trade over 100 cryptocurrencies and set automated recurring buys. The Nexo Card enables real-time spending in both debit and credit modes, allowing users to earn up to 2% cashback without selling their crypto.
For high-net-worth individuals and corporate clients, Nexo Private delivers tailored wealth management, OTC trading, and customized credit services for portfolios starting at $100,000. Businesses can also build digital treasuries with institutional-grade security and 24/7 white-glove support.
The Nexo smart contract contained a vulnerability where the 0x94f82f54() function lacked proper access control and input validation. This flaw could allow unauthorized users to call the function and manipulate its behavior. By bypassing authentication checks and providing manipulated input, an attacker could deceive the contract into treating a fake pool as legitimate.
SlowMist attributes the attack root cause to a "lack of permission control", noting that "the contract was attacked by sandwich attacks".
Transaction hash: 0x3278b9ee1391269a22742d6b4a1289426d1245220ce8994fe32837cd251598f1
More specifically, the function 0x94f82f54() in the victim contract 0x0851 suffers from critical security flaws due to missing access control and inadequate input validation. The contract does not verify the identity or permissions of the caller, so anyone can invoke this sensitive function.
As a result, an attacker was able to exploit the function to redirect or swap funds from the contract into a maliciously crafted or faked Uniswap V3 pool. By supplying manipulated input parameters, the attacker tricked the contract into treating the fraudulent pool as legitimate, enabling the unauthorized withdrawal or movement of assets.
SlowMist reports a loss of $31,535, a figure that appears to come from a screenshot they generated.
TenArmor states that there were actually "multiple suspicious attacks", "resulting in an approximately loss of $144.8K".
It does not appear that Nexo has addressed or mentioned the issue publicly.
Multiple firms such as TenArmor and SlowMist reported on the incident on the blockchain.
There is no note on any recovery happening.
Nexo is a leading digital asset platform offering a broad suite of financial services, including crypto savings, trading, lending, and wealth management, with over $11 billion in assets under management since its launch in 2018. However, a vulnerability in the smart contract function 0x94f82f54()—which lacked access controls and input validation—was exploited to redirect funds to a fake Uniswap V3 pool. Security firms SlowMist and TenArmor reported losses ranging from $31,535 to approximately $144.8K, citing multiple suspicious attacks. Despite these findings, Nexo has not publicly acknowledged or addressed the incident, and no recovery efforts have been reported.
SlowMist - "SlowMist Security Alert We detected potential suspicious activity related to @Nexo. As always, stay vigilant!" - Twitter/X (Jun 12)
Transaction (Jun 12)
TenArmor - "Our system has detected multiple suspicious attacks involving an unverified contract 0x0851 on #BSC, resulting in an approximately loss of $144.8K." - Twitter/X (Jun 12)
Nexo Homepage (Jun 12)
