Hackers steal NFTs worth millions, from Apes to Art Blocks, in NFT Trader exploit | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Published 1 minute earlier on

Millions of dollars of high-value NFTs, including rare Bored Ape and Mutant Ape Yacht Club tokens, World of Women NFTs, VeeFriends, Art Blocks, and more were stolen in a major hack of peer-to-peer trading platform NFT Trader earlier today. 

The company confirmed in an X post that “old smart contracts” had been attacked and urged users to revoke any permissions they had given the smart contracts in the past. X user foobar has claimed the attacks have finished after NFT Trader updated its smart contracts to fix a reetrancy vulnerability. 

The apparent main attacker posted a public message to the blockchain, pinning the invention of the NFT exploit on another user and claiming the attack was to “pick up residual garbage.” The attacker offered to return tokens to victims after being paid a ransom of 3 eth per Bored Ape and .6 eth per Mutant Ape. The attacker has also made a series of confusing moves, refunding one Bored Ape along with 31 eth to one user and returning certain staked Bored Apes to their owners, while keeping the ApeCoin rewards. 

Aside from the main hacker, there have been reports of auxiliary hacks that have drained tokens such as Cool Cats and Squiggles from users’ wallets.  NFT Trader did not immediately reply to a request for comment from The Block. 

Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.


Click Here For The Original Story From This Source.

National Cyber Security