- Boring Security helped NFT Trader recover 38 Apes stolen in an exploit on Dec. 16.
NFT Trader, a platform that facilitates peer-to-peer swaps of non-fungible tokens, was exploited on Dec. 16 through a vulnerability discovered in an older version of its smart contracts.
The hacker managed to steal high-value NFTs from popular collections that included Bored Apes, Mutant Apes, Art Blocks and VeeFriends.
On Sunday, Boring Security, an initiative funded by the ApeCoin DAO in 2022 to educate Web3 users on keeping their digital assets safe, said it had recovered 38 Bored Apes and 18 Mutant Apes after successful negotiations with the hacker.
As we finish up getting these apes back to their rightful owners, I just want to give a huge shoutout to the team for working overtime this weekend to come together on this. The DAO is comprised of dozens of individuals, and are all here to further the mission of web3 security…
— Boring Security (@BoringSecDAO) December 18, 2023
The Apes are in the process of being returned to their rightful owners. However, the fate of stolen NFTs from other collections remains unclear.
The exploiter had previously sent an on-chain message demanding a ransom of 3 ETH per Bored Ape and 0.6 ETH per Mutant Ape.
“It turns out being your own bank is complicated,” Boring Security wrote on X, urging Web3 users to always remain vigilant when interacting with decentralized applications.
“The ETH devs have worked hard to create digestible abstraction layers for users, but things aren’t always as straightforward as they may seem.”
The NFT Trader exploit is the second high-profile incident in less than a week, coming just days after a code library belonging to hardware wallet provider Ledger was compromised.