NFT Trader Faces Security Breach as Valuable Assets Worth $2.4 Million Stolen

P2P trading platform NFT Trader has fallen victim to a suspected cyberattack. A significant number of high-value NFT assets, including 37 Bored Ape Yacht Club (BAYC), 13 Mutant Ape Yacht Club (MAYC), 4 World of Women, and 6 VeeFriends, totaling approximately $2.4 million in value, were transferred.

The hacker, identified as 0x90…8fda, executed the theft, prompting NFT Trader to urgently request users to revoke platform approvals. According to Chinese crypto news reporter Colin Wu, the stolen NFTs were transferred to the address 0x909F2159780e64143CF08f32dBBF56Ed19478fda.

Users who have engaged with NFT Trader are urgently advised to revoke the platform’s authorization promptly. To assist users in this process, the platform has shared details on removing delegations via Revoke.cash to specific addresses:

0xc310e760778ecbca4c65b6c559874757a4c4ece0
0x13d8faF4A690f5AE52E2D2C52938d1167057B9af

🚨🚨🚨🚨 RED ALERT

If you've ever used NFT Trader in the past, revoke approval to their contract ASAP (0x13d8faF4A690f5AE52E2D2C52938d1167057B9af)

So far already 37 BAYC and 13 MAYC have already been drained to this address https://t.co/KBdpkb8woX
— dingaling (@dingalingts) December 16, 2023

Chinese crypto news reporter Colin Wu provided additional insights on the incident through a post on X (formerly Twitter). He highlighted that the stolen NFTs were transferred to the address 0x909F2159780e64143CF08f32dBBF56Ed19478fda. In a subsequent on-chain message, the address holder, self-identified as a female “scavenger,” refuted any involvement in the cyber attack. Instead, she claimed to have rescued the NFTs with the intention of returning them.

Just In: The P2P trading platform NFT Trader is suspected of being attacked, and a large number of blue-chip NFT assets were transferred. The hacker (0x90…8fda) has stolen 37 BAYC, 13 MAYC, 4 World OF Women, and 6 VeeFriends, worth 1,080 ETH (approximately $2.4 million). Users…
— Wu Blockchain (@WuBlockchain) December 16, 2023

NFT Trader, despite being relatively unfamiliar to most NFT traders, has faced this security breach. The platform, with CEO John Pak and co-founders Mattia Migliore and the pseudonymous “Bruckzr,” reported the attack on old smart contracts. In response, users are strongly urged to revoke authorizations to prevent further unauthorized activities.

NFT collector @dingalingts, on X, raised awareness among traders, advising them to “revoke approval to their contract ASAP” if they have previously used NFT Trader. The collector enumerated the stolen digital assets, emphasizing the severity of the situation with losses exceeding $2 million, including 37 BAYC, 13 MAYC, 4 World of Women, and 6 VeeFriends.