Reports indicate, and the peer-to-peer non-fungible token (NFT) market platform has confirmed, that the NFT platform NFT Trader experienced a security breach. An assailant exploited an outdated smart contract, resulting in the theft of nearly $3 million worth of esteemed digital collectables, including those from the Mutant Ape Yacht Club (MAYC) and Bored Ape Yacht Club (BAYC) NFT collections.
🚨🚨We've suffered an attack on old smart contracts, please remove the delegation using https://t.co/zEMgkS96nP to the following addresses:
— NFT Trader (@NftTrader) December 16, 2023
-0xc310e760778ecbca4c65b6c559874757a4c4ece0
-0x13d8faF4A690f5AE52E2D2C52938d1167057B9af
High-Value Bored and Mutant Ape NFTs Snatched in NFT Trader Security Breach
The NFT trading platform NFT Trader has been compromised, resulting in a loss estimated at approximately $2.85 million in high-value NFTs. On Saturday, NFT Trader issued a public statement on X, warning, “We’ve suffered an attack on old smart contracts, please remove the delegation using revoke cash to the following addresses,” and provided two addresses along with the affected smart contract addresses.
Revoke Cash X’s official account revealed that the thief absconded with around $3 million in NFTs, “mostly Bored Apes and Mutant Apes.” The Revoke Cash website summarizes the breach and states that the exact method of the theft remains unclear, yet some stolen NFTs have been returned. “The exploiter has sent several stolen NFTs back to the victims, so there is hope that users will recover some of their assets,” Revoke Cash observed.
As 2023 draws to a close, the NFT Trader incident adds to a string of recent security breaches, following closely behind the Ledger Connect Kit Library mishap and the Okx Dex hack. Research from the previous month indicated that $343 million had been pilfered from centralized and decentralized crypto exchanges. With the surge in the value of non-fungible token assets, they have become prime targets due to their substantial worth.
In recent years, owners of non-fungible tokens (NFTs) have increasingly been targeted by phishing attacks through diverse deceptive strategies. These scams trick victims into disclosing critical information vital for compromising security systems, enabling assailants to infiltrate the digital wallets of unwary victims and expropriate their NFTs. Illustratively, in January 2022, an owner of a New York gallery fell prey to such a phishing scam, resulting in the theft of NFTs valued at $2.2 million.