Hackers steal NFTs worth millions, from Apes to Art Blocks, in NFT Trader exploit

Metaverse & NFT • December 16, 2023, 12:03PM EST
Published 1 minute earlier on
The Block

Quick Take

  • NFT Trader has suffered a hack on “old smart contracts,” letting at least one hacker make off with high-value NFTs worth millions of dollars, including several Bored Ape Yacht Club and Mutant Ape Yacht Club NFTs. 
  • NFT Trader has warned users to revoke access to two compromised smart contracts as the main hacker demands ransom payments for the stolen NFTs. 

Millions of dollars of high-value NFTs, including rare Bored Ape and Mutant Ape Yacht Club tokens, World of Women NFTs, VeeFriends, Art Blocks, and more were stolen in a major hack of peer-to-peer trading platform NFT Trader earlier today. 

The company confirmed in an X post that "old smart contracts" had been attacked and urged users to revoke any permissions they had given the smart contracts in the past. X user foobar has claimed the attacks have finished after NFT Trader updated its smart contracts to fix a reetrancy vulnerability. 

The apparent main attacker posted a public message to the blockchain, pinning the invention of the NFT exploit on another user and claiming the attack was to "pick up residual garbage." The attacker offered to return tokens to victims after being paid a ransom of 3 eth per Bored Ape and .6 eth per Mutant Ape. The attacker has also made a series of confusing moves, refunding one Bored Ape along with 31 eth to one user and returning certain staked Bored Apes to their owners, while keeping the ApeCoin rewards

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

Aside from the main hacker, there have been reports of auxiliary hacks that have drained tokens such as Cool Cats and Squiggles from users' wallets.  NFT Trader did not immediately reply to a request for comment from The Block. 


Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Zack Abrams is a writer and editor based in Brooklyn, New York. Before coming to The Block, he was the Head Writer at Coinage, a Web3 media outlet covering the biggest stories in Web3. The story he co-reported on Do Kwon won a 2022 Best in Business Journalism award from SABEW. Other projects included a deep dive into SBF's defense based on exclusive documents and unveiling the identity of the hacker behind one of 2023's biggest crypto hacks — so far. He can be reached via X @zackdabrams or email, [email protected].

More by Zack Abrams