NFT Rug Pull Finder Watchdog Gets His Own Exploited NFT Gift
Rug Pull Finder NFT contract abused allowing two scammers to mint 450 NFT instead of one per wallet.
New
In an ironic twist, Rug Pull Finder (RPF), a non-fungible token (NFT) watchdog focused on identifying Web3-based fraud, fell victim to a smart contract exploit that is unique to him.
According to the NFT Investigator's Twitter post on September 2, two people exploited a technical flaw in the project during the free mint stage - stealing 450 NFTs out of a possible 1,221, which were to be limited to one per wallet.
As discussed on our Twitter space earlier today -
We were wrong. We made a big mistake. Our contract had a loophole that allowed 2 people to recover more than 450 NFT.
Here's what we're doing to fix it
— Rug Finder (@rugpullfinder) September 2, 2022According to RPF, their smart contract had a flaw that allowed the code to be exploited, allowing bandits to allocate more than the allowed number of NFTs to themselves.
The RPF team took steps to rectify the situation shortly after the exploit, offering one of the people involved a deal to pay them a bounty of 2.5 Ether (ETH) (about a worth $3,944.68 at time of writing) to recover 330 of the NFTs, which was accepted.
The crypto investigators noted that the exploiters "negotiated in good faith and allowed us to reach a reasonable solution with them."
The free mint, titled "Bad Guys" featured NFT artwork "of scammers accidentally dropped on the blockchain".
The collection serves as a whitelist or pre-sale for members ahead of the next collection of 10,000 NFTs this fall.
Holding a Bad Guy NFT provides exclusive access to Mint, RPF Master Drop, and more upcoming projects.
Warnings ignoredThe monitoring group admitted that the exploit happened because it ignored warnings from an unknown source about the flaw, which were sent 30 minutes before the Mint went live .
"After reviewing it with three different development teams, we did not believe the credibility of the information sent to us... We were...
Rug Pull Finder NFT contract abused allowing two scammers to mint 450 NFT instead of one per wallet.
New
In an ironic twist, Rug Pull Finder (RPF), a non-fungible token (NFT) watchdog focused on identifying Web3-based fraud, fell victim to a smart contract exploit that is unique to him.
According to the NFT Investigator's Twitter post on September 2, two people exploited a technical flaw in the project during the free mint stage - stealing 450 NFTs out of a possible 1,221, which were to be limited to one per wallet.
As discussed on our Twitter space earlier today -
We were wrong. We made a big mistake. Our contract had a loophole that allowed 2 people to recover more than 450 NFT.
Here's what we're doing to fix it
— Rug Finder (@rugpullfinder) September 2, 2022According to RPF, their smart contract had a flaw that allowed the code to be exploited, allowing bandits to allocate more than the allowed number of NFTs to themselves.
The RPF team took steps to rectify the situation shortly after the exploit, offering one of the people involved a deal to pay them a bounty of 2.5 Ether (ETH) (about a worth $3,944.68 at time of writing) to recover 330 of the NFTs, which was accepted.
The crypto investigators noted that the exploiters "negotiated in good faith and allowed us to reach a reasonable solution with them."
The free mint, titled "Bad Guys" featured NFT artwork "of scammers accidentally dropped on the blockchain".
The collection serves as a whitelist or pre-sale for members ahead of the next collection of 10,000 NFTs this fall.
Holding a Bad Guy NFT provides exclusive access to Mint, RPF Master Drop, and more upcoming projects.
Warnings ignoredThe monitoring group admitted that the exploit happened because it ignored warnings from an unknown source about the flaw, which were sent 30 minutes before the Mint went live .
"After reviewing it with three different development teams, we did not believe the credibility of the information sent to us... We were...
What's Your Reaction?
