Yuga Labs has successfully reclaimed a trove of digital assets lost in a recent cyber heist. The Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) NFTs, valued at nearly $3 million, have been restored to their rightful place following a strategic bounty settlement.
The saga unfolded on December 16 when a hacker exploited a vulnerability in NFT Trader’s system, pilfering 36 BAYC and 18 MAYC tokens. The anonymous cyber-thief demanded a ransom of 120 Ether (ETH), boldly asserting their terms in a public message.
Reacting swiftly, Boring Security, a non-profit dedicated to Web3 safety, orchestrated the recovery. Backed by ApeCoin, they secured the assets within a day, remunerating the hacker with a $267,000 bounty, as confirmed by the team’s update on the platform formerly known as Twitter.
Greg Solano, co-founder of Yuga Labs, facilitated the payment, emphasizing the company’s commitment to its community. The NFTs were returned at no cost to their original holders, underscoring a triumph of collaboration in the digital space.
Behind the scenes, “Foobar”, the enigmatic Delegate founder, pinpointed a smart contract change as the breach source. A multicall feature misuse led to the unauthorized NFT transfers. Foobar, alongside the NFT Trader team, acted promptly to halt further misuse.
To prevent a recurrence, users are urged to revoke permissions granted to two outdated contracts. Vigilance remains paramount as the digital realm navigates the complexities of asset security.
