Hackers exploited Arbitrum TreasureDAO marketplace with over 100 NFTs being stolen as we can see more today in our latest cryptocurrency news.
The NFT marketplace on Arbitrum dubbed TreasureDAO was exploited and hackers stole over 100 NFTs. The stolen NFTs were stolen in the recent exploit that was conducted via a series of transactions and the attackers were able to exploit a bug in the protocol which enabled them to mint NFTs for free. The platform then urged the users to delist their NFTs from the marketplace.
3/ The hack is made possible due to a bug in distinguishing ERC721 and ERC1155 in buyItem(), which mis-calculates the price of ERC721 as ERC1155 with the (untrusted) given 0 quantity. pic.twitter.com/D09lYbEmRL
— PeckShield Inc. (@peckshield) March 3, 2022
In another huge blow to the NFT industry, the hackers exploited Arbitrum with the project falling victim to the breach of TreasureDAO as the biggest NFT marketplaces on the Layer 2 protocol. According to the data by blockchain security company Peckshield, about 100 NFTs were stolen and the hack happened due to a bug in ERC721 and eRC1155 that miscalculated the prices.
The full extent of the damage is unclear but a few social media posts suggest that one of the addresses used for hacking drained 17 smol brains which are the popular NFT traded on Arbitrum. According to the prices listed on the platform, the total value of the NFTs is worth around 426.5K MAGIC like the native token of the protocol. The value comes at $1.4 million and after the exploit, the token crashed from $3.82 to $2.55. The DAO co-founder John Patten tweeted:
“Treasure marketplace is being exploited. Please delist your items. We will cover the costs of the exploit — I will personally give up all of my Smols to repair this.”
After apologizing for the hack, the developers revealed that the vulnerability was a result of a previous fix that should have been already identified. The marketplace has been frozen now with now trades being executed. The team clarified that the listings are safe and the code will be reviewed with teh completion of which, the marketplace will start redeploying the fixes. The developers confirmed that the hackers returned stolen NFTs a few hours after the exploit and TreasuureDAO will propose other options for all users that don’t receive the NFTs. The options will be put forward to the community and voted on by the organization.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post