The Bored Ape Airdrop event was used to steal $1.5M in the Apecoin project, the cryptocurrency world is in shock. According to a research report, a vulnerability in the airdrop of the Bored Ape Yacht Club (BAYC) was exploited to steal approximately $1.5 million in ApeCoin tokens (APE). APE tokens were distributed to BAYC NFT holders this Thursday before being traded on the open market.
ApeCoin airdrop shock development
Cybersecurity researcher Check Point Research said the hacker has been trying to “borrow BAYC NFTs quickly and use a large number of tokens”. He said he used a method called “flash credit”. Check Point said the main vulnerability in the airdrop was BAYC’s failure to control how long NFT holders owned the asset. Therefore, the attacker only needed to have a BAYC NFT for a short time in order to claim the token.
The hacker also used an NFT vault platform called NFTX to identify unused BAYCs to claim the airdrop and then use it to claim APE tokens. Check Point said the attacker sold APE tokens on the open market for $1.5 million. A separate report from security firm CertiK said the hacker made around $800,000 in profit. BAYC creator Yuga Labs did not create a snapshot, i.e. a record of all BAYC holders, prior to the airdrop. This allowed people to buy BAYC in real time to request airdrops.
Price continued to rise
Data from NFT floor prices show that BAYC’s price floor, i.e. the lowest price that can be purchased in the project, is roughly approximate after the airdrop announcement. It shows an increase of 20%. With the BAYC sales, the price continued to rise when the airdrop started, reaching 105.91 ETH (313.938 USD). APE marks a highly volatile debut. ApeCoin pointed to huge price fluctuations in its first trade. The token rose as high as $40 before dropping to $6 after the airdrop and started trading on several major exchanges. At the time of writing, the token was trading at around $13.2, down 16% in the past 24 hours. According to the information received by Kriptokoin.com, about 15% of the total supply was distributed via airdrop.