Friday 30 September 2022
Home / none / NFT watchdog Rug Pull Finder gets its own NFT giveaway exploited

NFT watchdog Rug Pull Finder gets its own NFT giveaway exploited

In an ironic twist, Rug Pull Finder (RPF), a nonfungible token (NFT) watchdog focused on identifying Web3-based fraud has fallen victim to a smart contract exploit of its own.

According to the NFT investigator’s post on Twitter on Sept. 2, two people exploited a technical flaw in the project during the free mint stage — pilfering 450 NFTs out of a possible 1,221 which were intended to be limited to one per wallet.

According to RPF, their smart contract had a flaw that allowed the code to be exploited, allowing the bandits to allocate more than the allowed number of NFTs to themselves.

The RPF team made moves to rectify the situation soon after the exploit, offering one of the people involved a deal to pay them a bounty of 2.5 Ether (ETH) (worth $3,944.68 at the time of writing) to recover 330 of the NFTs, which was accepted.

The crypto investigators noted that the exploiters "did negotiate in good faith and allow us to come to a reasonable solution with them."

The free mint, titled “Bad Guys” featured artworks of NFT "scammers accidentally let loose on the blockchain."

The collection serves as a whitelist or presale for members before the upcoming 10,000 NFT collection this fall.

Holding a Bad Guy NFT provides exclusive access to the mint, the RPF main drop, and other upcoming projects.

Warnings ignored

The watchdog group admitted that the exploit occurred as they didn’t heed warnings from an unknown source about the flaw, which was sent 30 minutes before the mint went live.

"After reviewing it with three different dev teams, we did not believe the credibility of the information sent to us… We were clearly wrong, and we are truly, truly sorry," RPF said.

The NFT investigator pointed to digital blockchain creative agency Doxxed Media as having handled all the art and contract work, and admitted that it "did not have our team audit it, or an independent 3rd party."

The irony of the exploit has not been missed by the crypto community, with some praising the NFT investigator for admitting to its fault, while others have questioned how a company specializing in detecting smart contract vulnerabilities didn’t conduct the proper checks on its own project.

After the shaky start however, RPF has managed to get their NFT project back on track.

Related: How do you pick your next NFT? Community responds

Through consultation with their online community, RPF has decided to distribute the recovered NFTs across a variety of spaces, including in the "Bad Guys Vault," a raffle on Twitter, and two further raffles for projects that are friends of Rug Pull Finder and the Rug Pull Finder public sale wallet collection list.

Original Article

About Jude Savage

Check Also

Ethereum Merge was ‘executed flawlessly,’ says Starkware co-founder

As the dust settled over the Ethereum network’s highly-anticipated transition to proof-of-stake (PoS), Eli Ben-Sasson, the co-founder of Starkware, gave his thoughts on its execution and potential for the future. Speaking to Cointelegraph’s Gareth Jenkinson at the Token2049 event, Ben-Sasson shared his thoughts on the current situation post-Merge and how it affects layer-2 projects like Starkware. In addition to that, the executive also gave his thoughts on the adoption and interest for layer-2 products and the crypto winter. Looking back at the Ethereum Merge’s execution, Ben-Sasson rejoiced that the transition was flawless and said things happened as they should. The executive explained that: “The most important thing is that it was executed flawlessly. Everything that was supposed to happen did happen. And none of the things that people were worried about did happen. And that's terrific news.”Additionally, the executive also highlighted the importance of the new Ethereum netw..

Leave a Reply

Your email address will not be published. Required fields are marked *