• Home
  • Ethereum
  • Recovering Stolen Bored Apes: NFT Trader’s Success with $267k Bounty Payment
Recovering Stolen Bored Apes: NFT Trader's Success with $267k Bounty Payment

Recovering Stolen Bored Apes: NFT Trader’s Success with $267k Bounty Payment

All stolen Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) nonfungible tokens (NFTs) from the NFT Trader platform have been recovered following a $267,000 bounty payment.

On Dec. 16, a security breach on the peer-to-peer platform NFT Trader led to the theft of NFTs worth nearly $3 million.

The attacker, in public messages, claimed to have capitalized on an exploit initially used by another user, demanding a ransom for the return of the stolen NFTs. They insisted on a payment of 120 Ether (ETH), equivalent to around $267,000 at the time, to return the NFTs.

Responding swiftly, Boring Security, a non-profit web3 security project funded by ApeCoin, spearheaded a community initiative that secured the return of all assets in under 24 hours after complying with the ransom demand.

Boring Security, in a statement on X, confirmed the recovery of all 36 BAYC and 18 MAYC NFTs. The payment to the hacker amounted to 10% of the floor price of the collections, as agreed upon.

The bounty was paid by Greg Solano, co-founder of Yuga Labs. The company is the creator of both the NFTs collections and supported negotiations to recover the tokens and return them to their original owners for free.

The breach was traced back to a vulnerability introduced by a smart contract upgrade 11 days prior. This upgrade enabled the misuse of a multicall feature, leading to unauthorized NFT transfers. The loophole was identified by “Foobar,” a pseudonymous founder and developer of Delegate, who also helped NFT Trader’s team halt the attack.

Following the incident, calls were made urging users to revoke permissions granted to two old contracts identified as potential security risks. The revoked approvals were essential to prevent possible future thefts of the NFTs.

Boring Security urges regular training against NFT hacks

Boring Security, acknowledging the complexity of self-custody in decentralized finance, emphasized the need to understand the mechanisms of web3. They highlighted the strides made by Ethereum developers in enhancing user-friendly interfaces but stressed the importance of being vigilant in managing digital assets.

With over 80 partnerships in the NFT space, Boring Security has been advocating for a culture of security in web3. Their approach includes free, instructor-led training sessions. They also urged community leaders to adopt various measures to bolster security.

These measures include creating whitelists for security-educated individuals, integrating security modules into community access requirements, and training moderators in security protocols.

Additionally, Boring Security proposed incentives like hosting special Proof of Attendance Protocol (POAP) events and offering bonuses for completing security classes or activities to encourage participation in security education.

The firm called upon community leaders to collaborate in enhancing and safeguarding their communities, inviting them to share insights and seek guidance.

Hot Take: Bored Ape Yacht Club and Mutant Ape Yacht Club NFTs Recovered After $267k Bounty Payment

All stolen Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) nonfungible tokens (NFTs) from the NFT Trader platform have been successfully recovered. The recovery followed a payment of $267,000 as a bounty for the return of the stolen NFTs. The breach occurred due to a security vulnerability in the NFT Trader platform, resulting in the theft of NFTs worth nearly $3 million. Boring Security, a non-profit web3 security project, led a community initiative that swiftly secured the return of all assets within 24 hours. The payment was made by Greg Solano, co-founder of Yuga Labs, the creator of the NFT collections. Boring Security emphasized the importance of regular training and vigilance to prevent future NFT hacks.

Read Disclaimer
This content is aimed at sharing knowledge, it's not a direct proposal to transact, nor a prompt to engage in offers. Lolacoin.org doesn't provide expert advice regarding finance, tax, or legal matters. Caveat emptor applies when you utilize any products, services, or materials described in this post. In every interpretation of the law, either directly or by virtue of any negligence, neither our team nor the poster bears responsibility for any detriment or loss resulting. Dive into the details on Critical Disclaimers and Risk Disclosures.

Share it

Recovering Stolen Bored Apes: NFT Trader's Success with $267k Bounty Payment