• Home
  • Ethereum
  • Hacker Restores Stolen NFTs Following Receipt of Bounty Payment
Hacker Restores Stolen NFTs Following Receipt of Bounty Payment

Hacker Restores Stolen NFTs Following Receipt of Bounty Payment

A Web3 Security Firm Recovers Stolen Bored Ape and Mutant Ape NFTs

Boring Security, a Web3 security firm, has successfully recovered 36 Bored Ape Yacht Club (BAYC) and 18 Mutant Ape Yacht Club (MAYC) NFTs that were stolen from the NFT Trader platform. The hacker demanded a payment of 120 ETH to return the stolen NFTs and received it from Yuga Labs co-founder Greg Solano. Within 24 hours, Boring Security paid the bounty and recovered the stolen assets.

Hacker Demands Payment to Return NFTs

The NFTs were stolen on December 16th, with the hacker attributing the exploit to another user and demanding a payment of 120 ETH in exchange for returning the NFTs. The hacker stated, “If you want these NFTs back, then you need to pay me 120 ETH […].”

Community Initiative and Recovery

Boring Security organized a community initiative to recover the stolen assets and successfully retrieved them after paying the hacker the agreed-upon bounty. The security firm announced the recovery of the NFTs within 24 hours.

Bounty Paid by Yuga Labs Co-Founder

The 120 ETH bounty was paid by Yuga Labs co-founder Greg Solano, who played a crucial role in negotiating the return of the stolen NFTs to their rightful owners. Yuga Labs is the creator of both the Bored Ape Yacht Club and Mutant Ape Yacht Club NFT collections.

Vulnerability and Revoking Permissions

The vulnerability that allowed the unauthorized transfers of NFTs was introduced 11 days prior when a smart contract upgrade enabled a vulnerability in the multicall feature. The pseudo-anonymous founder and developer of Delegate, Foobar, warned that the NFTs could be stolen again if the permissions were not revoked.

Self Custody Complexity and Importance of Security Education

Boring Security highlighted the complexity of self-custody in decentralized finance and emphasized the need for a culture of security in Web3. The firm encouraged community leaders to contribute to security initiatives, such as providing whitelists for security-educated individuals and offering security modules as prerequisites for community access.

Hot Take: Boring Security Recovers Stolen Bored Ape and Mutant Ape NFTs

Web3 security firm Boring Security successfully recovered stolen Bored Ape and Mutant Ape NFTs after a hacker demanded a payment of 120 ETH to return the assets. Community efforts and the involvement of Yuga Labs co-founder Greg Solano led to the recovery of the stolen NFTs within 24 hours. However, the incident highlights the complexity of self-custody and the need for security education in the Web3 space. Boring Security emphasized the importance of understanding underlying processes and mechanisms to prevent future exploits. The firm encouraged community leaders to prioritize security and advocated for technical training and prerequisites to ensure secure practices in Web3.

Read Disclaimer
This content is aimed at sharing knowledge, it's not a direct proposal to transact, nor a prompt to engage in offers. Lolacoin.org doesn't provide expert advice regarding finance, tax, or legal matters. Caveat emptor applies when you utilize any products, services, or materials described in this post. In every interpretation of the law, either directly or by virtue of any negligence, neither our team nor the poster bears responsibility for any detriment or loss resulting. Dive into the details on Critical Disclaimers and Risk Disclosures.

Share it

Hacker Restores Stolen NFTs Following Receipt of Bounty Payment