Advertisement
AD

Main navigation

Hacker Stole NFTs Worth 3,000 ETH and Then Returned Half of It, Here's How

Advertisement
Mon, 27/06/2022 - 10:05
Hacker Stole NFTs Worth 3,000 ETH and Then Returned Half of It, Here's How
Cover image via stock.adobe.com

Disclaimer: The opinions expressed by our writers are their own and do not represent the views of U.Today. The financial and market information provided on U.Today is intended for informational purposes only. U.Today is not liable for any financial losses incurred while trading cryptocurrencies. Conduct your own research by contacting financial experts before making any investment decisions. We believe that all content is accurate as of the date of publication, but certain offers mentioned may no longer be available.

Read U.TODAY on
Google News
Contents
Advertisement

The "Metaverse Asset Bank," Carnival, which experienced a smart contract exploit in a flurry of transactions and led to the gain of around 3,000 ETH by a hacker found a resolution that decreased the damage to the platform and made the hacker look better, per PeckShield Inc.

How did the hack happen?

The flaw in the platform's code allowed hackers to withdraw pledged NFTs and use them as collateral. The mechanism was later used to drain assets from the pool. The main issue was the lack of judgment in the contract that has not checked if the pledged NFT has been withdrawn by the borrower.

Related
Jed McCaleb Now Has 114 Million XRP Left: Report

As always, the hacker received his funds from Tornado Cash coin mixing solution, which allowed him to remain completely anonymous. Potentially, the exploiter could have easily washed stolen funds and remained under the radar, and then later moved them into fiat somehow.

The good end

Luckily for platform users and the management team, the hacker agreed to return half of the stolen funds on one condition only: if the whole exploit story would be considered a "bug bounty," he would avoid all future lawsuits.

He asked the Carnival CEO to grant the owner of the address ending with "B800a" a 1,500 ETH bounty in exchange for the stolen funds. Essentially, the platform paid the hacker a $1.8 million bug bounty, which is considered more than generous.

Since the beginning of the year, the number of exploits and hacks of various DeFi platforms and NFT collections decreased significantly, most likely because of the dropping popularity of both industries and a crash of the cryptocurrency market in May and June.

Advertisement
TopCryptoNewsinYourMailbox
TopCryptoNewsinYourMailbox
Advertisement

Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles

Advertisement
AD