Loading...

Security breach hits NFT trader, resulting in major losses

In this post:

  • NFT Trader breach underscores the need for robust security.
  • Attacker’s behavior hints at evolving digital art theft tactics.
  • Crypto ransom and returns create complexities in NFT theft.

In a significant security breach, the peer-to-peer trading platform NFT Trader experienced a cyberattack on, resulting in the theft of millions of dollars worth of nonfungible tokens (NFTs). 

The breach targeted outdated smart contracts, leading NFT Trader to urge its users to revoke delegations to two specific addresses: 0xc310e760778ecbca4c65b6c559874757a4c4ece0 and 0x13d8faF4A690f5AE52E2D2C52938d1167057B9af.

NFT theft millions in losses

Among the NFTs stolen in this incident are at least 13 Mutant Ape Yacht Club tokens and 37 Bored Ape tokens. Additionally, NFT Trader reported losses involving VeeFriends and World of Women NFTs, cumulatively valued at nearly $3 million, according to Revoke.cash.

The aftermath of the NFT Trader security breach has been marred by rumors and misinformation circulating on various social media platforms. 

Moreover, the extent of the security flaw exploitation remains unclear. One of the attackers even attributed the initial exploit to another user and made demands for ransom payments in exchange for returning the stolen NFTs.

Attacker’s statements raise questions

In a public message, one of the attackers provided some insights into their motivations and intentions. The attacker claimed to have initially targeted the platform to collect what they referred to as “residual garbage.” However, they later discovered the opportunity to pilfer NFTs as well. 

Despite acknowledging the substantial value of these NFTs, the attacker expressed indifference to their monetary worth, stating, “I’m a good person, the value of these NFTs is enough for a person to live a free life, but I don’t care about that. I prefer to pick up the leftover trash.”

The attacker also revealed their limited technical skills and proposed a unique arrangement with the victims. They suggested that victims pay a 10% bounty in Ether (ETH) to regain possession of their stolen NFTs, claiming that retrieving all the affected NFTs at once was beyond their capabilities and consumed substantial time and energy. In their message, the attacker asserted, “My technical skills are limited, I can’t get all the affected NFTs at once, and it’s costing me a lot of energy and time. […] If you want the monkey NFT back, then you need to pay me a bounty, which is what I deserve.”

Attacker returns NFT and crypto

In a rather atypical turn of events, one of the victims reported that the attacker unexpectedly returned a rare NFT along with 31 ETH, which amounted to nearly $70,680 

Expressing bewilderment, the victim took to social media, writing, “And now the hacker just sent me 31 ETH? What in the world is going on. Is this real life?”

In the wake of the NFT Trader security breach, users are advised to remain vigilant and to take precautionary measures to safeguard their NFT assets. 

The platform has already identified and publicly disclosed the addresses targeted by the attackers, signaling its commitment to addressing the issue promptly.

An investigation into the breach is currently underway to determine the extent of the damage and to identify potential vulnerabilities in NFT Trader’s security infrastructure. 

Users are urged to stay updated on the progress of the investigation and to follow any security recommendations provided by the platform.

Disclaimer: The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decision.

Share link:

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

Nigeria to change its policies on blockchain technology
Cryptopolitan
Subscribe to CryptoPolitan