Cointelegraph Team
Cointelegraph
Rug Pull Finder's NFT contract was abused to allow two scammers to mint 450 NFTs instead of one per wallet.
In an ironic twist, Rug Pull Finder (RPF), a nonfungible token (NFT) watchdog focused on identifying Web3-based fraud has fallen victim to a smart contract exploit of its own.
According to the NFT investigator’s post on Twitter on Sept. 2, two people exploited a technical flaw in the project during the free mint stage — pilfering 450 NFTs out of a possible 1,221 which were intended to be limited to one per wallet.
As discussed on our Twitter space's earlier today –
We messed up. We messed up big. Our contract had a flaw that allowed 2 people to scoop up over 450 NFTs.
Here is what we are doing to fix it
According to RPF, their smart contract had a flaw that saw the code exploited, allowing the bandits to allocate more than the allowed number of NFTs.
The RPF team made moves to rectify the situation soon after the exploit, offering one of the people involved a deal to pay them a bounty of 2.5 Ether (ETH) (worth $3,944.68 at the time of writing) to recover 330 of the NFTs, which was accepted.
The crypto investigators noted that the exploiters "did negotiate in good faith and allow us to come to a reasonable solution with them."
The free mint, titled “Bad Guys” featured artworks of NFT "scammers accidentally let loose on the blockchain."
The collection serves as a whitelist or presale for members before the upcoming 10,000 NFT collection this fall.
Holding a Bad Guy NFT provides exclusive access to the mint, the RPF main drop, and other upcoming projects.
The watchdog group admitted that the exploit occurred as they didn’t heed warnings from an unknown source about the potential flaws sent 30 minutes before the mint went live.
"After reviewing it with three different dev teams, we did not believe the credibility of the information sent to us… We were clearly wrong, and we are truly, truly sorry."
As discussed on our Twitter space's earlier today –
We messed up. We messed up big. Our contract had a flaw that allowed 2 people to scoop up over 450 NFTs.
Here is what we are doing to fix it
The NFT investigator pointed to digital blockchain creative agency Doxxed Media as having handled all the art and contract work, and they "did not have our team audit it, or an independent 3rd party."
The irony of the exploit has not been missed by the crypto community, with some praising the NFT investigator for admitting to its fault, while others have questioned how a company specializing in detecting smart contract vulnerabilities didn’t conduct the proper checks on its own project.
I think its concerning when security minded projects like RugPullFinder get their discord breached and their code exploited yet they're offering those exact services to customers. What do you think? pic.twitter.com/zJRWUXqic5
After the shaky start however, RPF has managed to get their NFT project back on track.
Through consultation with their online community, RPF has decided to distribute the recovered NFTs across a variety of spaces, including in the "Bad Guys Vault," a raffle on Twitter, and two further raffles for projects that are friends of Rug Pull Finder and the Rug Pull Finder public sale wallet collection list.
Shiba Inu price shows a lack of volatility –a characteristic of many meme coins. These dog-coins have a phase of near-zero volatility and compression of price range followed by an explosive move. SHIB sits in the former phase, waiting for the volatility to kick in.
ApeCoin price shows that the recent consolidation will likely yield a bearish breakout. The incoming crash will collect the liquidity resting to the downside before triggering a larger uptrend.
Crypto.com price is on a downtrend with no signs of stopping just yet. However, the recent spike in bullish momentum must have given buyers a wrong impression of a recovery rally as the downside objectives are still uncollected.
AVAX price auctions at a key 61.8% Fibonacci Retracement level. Avalanche price shows an uptick in volume amidst the contact with the FIB level and RSI support. Invalidation of the bullish thesis depends on the June 18 swing low at $13.79 holding as support.
Bitcoin price shows an ongoing consolidation as it hovers at the same level for the past six days with no signs of directional bias. A breakout from this tightening range could result in a bearish move that eyes a sweep of the sell-stop liquidity below recent lows.
Note: All information on this page is subject to change. The use of this website constitutes acceptance of our user agreement. Please read our privacy policy and legal disclaimer.
Trading foreign exchange on margin carries a high level of risk and may not be suitable for all investors. The high degree of leverage can work against you as well as for you. Before deciding to trade foreign exchange you should carefully consider your investment objectives, level of experience and risk appetite. The possibility exists that you could sustain a loss of some or all of your initial investment and therefore you should not invest money that you cannot afford to lose. You should be aware of all the risks associated with foreign exchange trading and seek advice from an independent financial advisor if you have any doubts.
Opinions expressed at FXStreet are those of the individual authors and do not necessarily represent the opinion of FXStreet or its management. FXStreet has not verified the accuracy or basis-in-fact of any claim or statement made by any independent author: errors and Omissions may occur.Any opinions, news, research, analyses, prices or other information contained on this website, by FXStreet, its employees, partners or contributors, is provided as general market commentary and does not constitute investment advice. FXStreet will not accept liability for any loss or damage, including without limitation to, any loss of profit, which may arise directly or indirectly from use of or reliance on such information.