P2P platform NFT Trader loses $3 million in assets due to an exploit
The tokens were purchased from an unknown user by Boring Security for 10% of the value
18.12.2023 - 10:00
121
3 min
0
What’s new? On December 16, unknown people exploited old smart contracts of the P2P platform for trading non-fungible tokens, NFT Trader, and withdrew assets worth $3 million. After that, an anonymous user, who denied involvement in the hack, offered to return the tokens for a reward of 10% of their value. The assets were bought by the decentralized autonomous organization (DAO) Boring Security, which promised to return NFTs to the owners for free.
What else is known? The NFT Trader team explained that malicious code was injected into two of the platform’s older smart contracts. It recommended that for security purposes, always use Revoke Cash or similar tools to revoke permissions for wallets to interact with smart contracts after making deals.
The developers assured that they have “implemented all necessary measures to prevent any such incidents in the future,” and the platform itself is secure. In addition, for more than a year, NFT Trader has been using OpenSea’s NFT marketplace protocol for exchanging ERC-721 and ERC-1155 standard tokens called Seaport, which enhances its security.
According to Revoke Cash experts, NFT Trader’s losses amounted to about $3 million, and the stolen assets belong to the collections authored by Yuga Labs: Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC). These are some of the most well-known and expensive collections in the crypto space, with the minimum price for the tokens as of December 18 being 26 ETH ($56 230) and 5,1 ETH ($11 000) for BAYC and MAYC, respectively, according to aggregator CoinGecko.
After the hack, an unknown user contacted NFT Trader and offered to return all tokens for 10% of their minimum value. At the time, it amounted to 30 ETH for BAYC and 6 ETH for MAYC. He also provided the hacker’s address and stated that he was not his accomplice.
The user was rewarded by DAO Boring Security, receiving 36 BAYC and 18 MAYC. At the exchange rate at the time, the ransom amount exceeded $268 000. Members of the organization urged those affected to leave requests for asset recovery in the project’s Discord channel and to “be patient.” The assets will be returned to the owners at no cost.
Useful material?
Telegram 
Twitter Market
The commission had previously warned the developer of potential enforcement actions
Apr 29, 2024
Market
Funds can be seized by law enforcers due to links to illegal activity
Apr 26, 2024
Market
Tether Finance division will be responsible for the issuance and redemption of USDT stablecoins
Apr 18, 2024
Trends
The first project introduced on the platform will be BounceBit (BB)
Apr 18, 2024
Business
The rate exchange of the native ACH token reacted with a 10% increase
Apr 18, 2024
Market
Miners are hunting for the first block after halving as the value of the first satoshi could exceed $1 million
Apr 18, 2024
Cryptocurrency rates
-
Bitcoin
$62 397
BTC
-1.97%
-
Ethereum
$3 175.65
ETH
-3.65%
-
Ripple
$0.508064
XRP
-2.21%
-
Dogecoin
$0.141216
DOGE
-5.22%
-
Cardano
$0.454978
ADA
-3.3%
-
Bitcoin Cash
$454.9
BCH
-5.31%
-
Polkadot
$6.52
DOT
-4.89%
-
Litecoin
$83.7
LTC
-0.91%
-
Stellar XLM
$0.110721
XLM
-3.72%
-
Dash
$28.69
DASH
-3.9%