Paradox: NFT Watchdog is exploited immediately after its own collection is minted

As bad actors continue to carry out hit-and-run attacks on projects in the crypto space, it was inevitable that regulators, auditors, and the like would also become more in demand.

One such auditor is the Rug Pull Finder, an NFT watchdog that investigates alleged on-demand fraud and tries to keep the community updated via Twitter.

Unfortunately, it appears that the community failed to review some of the protocol’s work before drafting its own NFT suite.

Whitelist Pierced Mint

Recently, RPF decided to create a set of NFTs called “Bads”, which are intended to represent NFT fraudsters in various scam situations. This digital art was supposed to be a whitelist for another NFT drop later this fall. Due to the intended function of whitelisting, the minting was intended to be limited to one per wallet.

Unfortunately for RPF, the mint was hacked by exploiters who managed to obtain over 450 NFTs out of a total of 1,221 in a short period of time.

It seems that the developers responsible for the discord was leave it While. The team at Rug Pull Finder also admitted that they did not invite an independent third party to review the project, which led to the hacked whitelist. However, the team has already reached out to the developers, who apparently acted in good faith and reached some kind of agreement with RPF.

NFTs often go back to the property of RPF

Of the 450 NFTs generated via the exploit, 366 will be returned to RPF shortly for 2.5 ETH.

“We reached an agreement with the wallets that benefited from the contract and agreed to pay 2.5 ETH to buy the remaining 366 NFTs. Although they may have found an advantage, this is not a hack or a scam, etc. They discovered a bug, and used it to make a profit.” .

While this is a huge blow to the project – and to their reputation as auditors – this should ensure that the upcoming major mint this fall will be able to move forward as planned.

On the one hand, the community praised RPF for its openness and speed in resolving the issue, and on the other hand, it shed light on the situation – with the irony of the accountant’s failure to follow basic audit protocols that was not lost on his Twitter followers. .

The remaining 84 exploited NFTs will, for now, remain in the possession of bug exploiters.

Paradoxical post: NFT Watchdog was exploited right after its private group debuted on CryptoPotato.

Leave a Comment