• Home
  • Blockchain
  • NFT Hacker Restores $3 Million Worth of 54 NFTs Following Ransom Payment
NFT Hacker Restores $3 Million Worth of 54 NFTs Following Ransom Payment

NFT Hacker Restores $3 Million Worth of 54 NFTs Following Ransom Payment

Dramatic Heist and Recovery of NFTs Worth $3 Million

This past weekend witnessed a dramatic heist and subsequent recovery of valuable non-fungible tokens (NFTs) from top collections like the Bored Ape Yacht Club. On December 16, a hacker exploited a security vulnerability in the NFT Trader platform and stole 36 Bored Ape and 18 Mutant Ape NFTs worth nearly $3 million.

The thief publicly boasted about the theft online and demanded a sizable ransom payment in Ethereum crypto tokens to return the stolen digital collectibles.

Key Points:

  • 36 Bored Ape Yacht Club (BAYC) and 18 Mutant Ape Yacht Club (MAYC) NFTs were hacked and stolen from the NFT Trader platform on December 16.
  • The hacker publicly announced the theft and demanded a ransom payment in crypto to return the NFTs.
  • Yuga Labs co-founder Greg Solano and the group Boring Security coordinated paying the hacker a bounty of 120 Ether (around $260,000).
  • After receiving the payment, the hacker returned all of the stolen NFTs as promised.
  • The hack was made possible by a loophole introduced during a platform upgrade 11 days prior.

Recovery Efforts and Bounty Payment

In collaboration with Yuga Labs co-founder Greg Solano, nonprofit group Boring Security took charge of negotiating with the hacker. Eventually, they agreed to pay a bounty equivalent to around 10% of the value of the stolen NFTs. This amounted to 120 Ether or approximately $260,000.

Solano transferred this bounty payment from his own crypto wallet to retain control of the situation. True to their word, the hacker returned all of the stolen NFTs back to Boring Security shortly after receiving the payment.

The Vulnerabilities in High-Value NFT Platforms

This successful recovery highlights the vulnerabilities that persist across platforms dealing with high-value NFTs and crypto assets. The breach was a result of issues introduced during a platform upgrade of NFT Trader 11 days prior to the incident. Certain security permissions were left open, allowing for the forcible transfer of NFTs stored in accounts.

In addition to technological lapses, this incident demonstrates the growing power of decentralized communities in Web3 models. Instead of relying solely on law enforcement or centralized authorities, Boring Security and Solano took matters into their own hands and used blockchain transparency to negotiate a practical solution.

Although paying ransoms risks encouraging similar crimes, recovering lost NFTs was the priority for collectors and creators. This event emphasizes the importance of security and backups in Web3 ecosystems, especially as mainstream assets transition to blockchain and crypto-based models. Preventing breaches in the first place can save millions in the future.

Hot Take: The Power of Decentralized Communities in NFT Recovery

The recent heist and subsequent recovery of stolen NFTs highlights both the vulnerabilities and power within the crypto community. While a hacker exploited a security vulnerability to steal valuable digital collectibles, Yuga Labs co-founder Greg Solano and Boring Security took decisive action to negotiate the return of the NFTs.

By paying a bounty worth 10% of the stolen NFTs’ value, they successfully retrieved all of the stolen assets. This event showcases how decentralized communities can utilize blockchain transparency to address crises within Web3 models. However, it also serves as a reminder of the importance of robust security measures to prevent such breaches from occurring in the first place.

Read Disclaimer
This content is aimed at sharing knowledge, it's not a direct proposal to transact, nor a prompt to engage in offers. Lolacoin.org doesn't provide expert advice regarding finance, tax, or legal matters. Caveat emptor applies when you utilize any products, services, or materials described in this post. In every interpretation of the law, either directly or by virtue of any negligence, neither our team nor the poster bears responsibility for any detriment or loss resulting. Dive into the details on Critical Disclaimers and Risk Disclosures.

Share it

NFT Hacker Restores $3 Million Worth of 54 NFTs Following Ransom Payment