In a significant breach of digital security, NFT Trader, a prominent peer-to-peer trading platform for nonfungible tokens (NFTs), fell victim to a sophisticated hack on December 16. This cyberattack resulted in the theft of a substantial amount of valuable NFTs, causing considerable turmoil in the digital asset community.
The platform, which facilitates the trading of unique digital assets, confirmed the incident on a social networking platform. The hackers targeted vulnerabilities in old smart contracts used by NFT Trader. In response to the breach, the platform urgently advised its users to revoke delegations to two specific blockchain addresses, identified as part of the security compromise.
The scale of the theft was vast. Among the stolen digital assets were at least 13 tokens from the Mutant Ape Yacht Club collection and 37 from the Bored Ape series. Additionally, NFTs from other popular collections such as VeeFriends and World of Women were also taken. According to estimates provided by Revoke.cash, the total losses approached nearly $3 million, a staggering sum that highlights the high value of these digital tokens.
Following the hack, social media platforms were rife with rumors and misinformation, adding to the confusion surrounding the details of the incident. There is still a lack of clarity regarding the number of individuals involved in the exploitation of the security flaw. Adding to the complexity, one of the attackers publicly acknowledged their involvement in the heist. They claimed to have initially targeted residual assets but later realized the possibility of acquiring NFTs. This individual, who described themselves as a ‘good person’ and not particularly driven by monetary gain, even suggested returning the stolen NFTs for a ransom, proposing a 10% bounty in Ether (ETH).
In a bizarre and unanticipated development, one of the victims reported an unexpected turn of events. The hacker had inexplicably returned a rare NFT to them, along with 31 ETH, which was valued at approximately $70,680 at the time. This unusual act left the victim and the wider crypto community perplexed, questioning the motives and intentions behind such an erratic behavior.
This incident has once again brought to light the inherent vulnerabilities and risks associated with digital assets and the platforms that trade them. It underscores the need for enhanced security measures and vigilant management of smart contracts to prevent such breaches in the future. As the dust settles, the NFT Trader hack serves as a stark reminder of the volatile and unpredictable nature of the digital asset market.
UPDATE:
Boring Security, supported by ApecoinDAO, has recently achieved a notable success in securing digital assets by recovering 36 BAYC and 18 MAYC series NFTs stolen from NFT Trader users. This was accomplished by offering a bounty to the attacker. The team plans to return these recovered NFTs to their rightful owners at no cost.
This successful operation by Boring Security highlights their dedication to the protection and security of digital assets in the NFT space. The retrieval of these stolen NFTs is a significant milestone for the industry, demonstrating the effectiveness of security protocols and the potential to reclaim and restore assets to their legitimate owners. This action reinforces the growing focus on security in the digital asset realm and provides a reassuring precedent for the future of NFT safety.