Peer-to-peer NFT">NFT marketplace NFT Trader suffered a security breach on December 16th that allowed hackers to steal NFTs worth nearly $3 million. At least 13 Mutant Ape Yacht Club and 37 Bored Ape NFTs were taken among other collections.
NFT Trader confirmed old smart contracts were targeted and urged users to revoke approvals for the compromised addresses. In a bizarre development, one hacker tried justifying the attack by claiming they were picking up “residual garbage” before demanding 10% bounties in Ether to return some NFTs.
Oddly, reports also emerged of a victim having a rare Bored Ape NFT along with 31 ETH worth around $70,000 sent back by the attacker. Details remain unclear on exactly how many hackers were involved and their motivations and identities.
While the returned NFT offer some encouragement, this latest Web3 platform hack illustrates lingering security risks surrounding smart contracts and blockchain ecosystems. As adoption of NFT trading expands, shoring up vulnerabilities via rigorous auditing and 2FA protections remains imperative.
