Main navigation

Hacker Stole NFTs Worth 3,000 ETH and Then Returned Half of It, Here's How

Mon, 06/27/2022 - 10:05
article image
Arman Shirinyan
Sometimes even hackers are on good side
Hacker Stole NFTs Worth 3,000 ETH and Then Returned Half of It, Here's How
Cover image via stock.adobe.com

Disclaimer: The opinion expressed here is not investment advice – it is provided for informational purposes only. It does not necessarily reflect the opinion of U.Today. Every investment and all trading involves risk, so you should always perform your own research prior to making decisions. We do not recommend investing money you cannot afford to lose.

Read U.TODAY on
Google News
Contents

The "Metaverse Asset Bank," Carnival, which experienced a smart contract exploit in a flurry of transactions and led to the gain of around 3,000 ETH by a hacker found a resolution that decreased the damage to the platform and made the hacker look better, per PeckShield Inc.

How did the hack happen?

The flaw in the platform's code allowed hackers to withdraw pledged NFTs and use them as collateral. The mechanism was later used to drain assets from the pool. The main issue was the lack of judgment in the contract that has not checked if the pledged NFT has been withdrawn by the borrower.

Related
Jed McCaleb Now Has 114 Million XRP Left: Report

As always, the hacker received his funds from Tornado Cash coin mixing solution, which allowed him to remain completely anonymous. Potentially, the exploiter could have easily washed stolen funds and remained under the radar, and then later moved them into fiat somehow.

The good end

Luckily for platform users and the management team, the hacker agreed to return half of the stolen funds on one condition only: if the whole exploit story would be considered a "bug bounty," he would avoid all future lawsuits.

He asked the Carnival CEO to grant the owner of the address ending with "B800a" a 1,500 ETH bounty in exchange for the stolen funds. Essentially, the platform paid the hacker a $1.8 million bug bounty, which is considered more than generous.

Since the beginning of the year, the number of exploits and hacks of various DeFi platforms and NFT collections decreased significantly, most likely because of the dropping popularity of both industries and a crash of the cryptocurrency market in May and June.

article image
About the author

Arman Shirinyan is a trader, crypto enthusiast and SMM expert with more than four years of experience.

Arman strongly believes that cryptocurrencies and the blockchain will be of constant use in the future. Currently, he focuses on news, articles with deep analysis of crypto projects and technical analysis of cryptocurrency trading pairs.