On Friday, Quixotic, a marketplace for Non-Fungible Tokens (NFTs) that was built on the layer-2 scaling solution Optimism, reported an attack that resulted in the loss of ERC-20 tokens worth a total of one hundred thousand dollars.
The vulnerability was carried out by the hacker by manipulating a newly updated smart contract on Quixotic. This let the hacker take advantage of the Offer function on the marketplace, which enables a buyer to suggest a sum to acquire an asset from a seller.
Users were encouraged to renounce their subscription to the project’s smart contract using the following URL: revoke.cash in order to protect their assets and finances from the potential consequences of the assault.
Since a member of the Quixotic group lodged a complaint claiming his funds had been wiped out and that he also did not obtain an NFT he attempted to acquire, the exploit was only identified and dealt with after the complaint was made.
Quixotic Marketplace to Reimburse Users
Despite the fact that all transactions on the marketplace have been suspended, the team working on the project has stated that it would reimburse the tokens that were taken from customers who were affected by the vulnerability in “the coming days.”
It was also said that no NFTs were taken from the marketplace and that the hack solely affected ERC-20 tokens.
Loophole in System Proves Costly
Optimism, the Ethereum layer-2 scaling platform that is the home of Quixotic, has revealed that a particular vulnerability led to the theft of sixteen million dollars’ worth of coins.
Even though the mistake was made by Wintermute, a company that makes software for the cryptocurrency market, the crooks were the ones who stole the assets and moved them to a different account.
However, as of right now, the cybercriminal has handed over more than ninety percent of the cash to Optimism’s control.
The remaining two million dollars that are now held by the hacker are being offered as a bounty by the Optimism team.
Hackers Continue To Attack DeFi and NFT Projects
Hackers are increasingly turning their attention to DeFi and NFT initiatives as potential targets. The well-known NFT marketplace OpenSea was the target of repeated phishing assaults earlier in this year, which resulted in the theft of assets with a value in the millions of dollars.
A theft of one hundred million dollars was reported by the blockchain network Harmony Protocol in the previous month.
After waiting a week, the cybercriminals transferred $22 million from the seized fund to the Tornado Cash account.
What Exactly Is Quixotic?
Quixotic is the most popular NFT trading platform that runs on Ethereum’s layer-2 platform, Optimism.
The vast majority of NFT traders will find that the platform is far more useful as a result of its average transaction cost, which is merely 0.00005 ETH, or $1.50.