NFT watchdog Rug Pull Finder gets its own NFT giveaway exploited

Published at: Sept. 5, 2022

In an ironic twist, Rug Pull Finder (RPF), a nonfungible token (NFT) watchdog focused on identifying Web3-based fraud has fallen victim to a smart contract exploit of its own.

According to the NFT investigator’s post on Twitter on Sept. 2, two people exploited a technical flaw in the project during the free mint stage — pilfering 450 NFTs out of a possible 1,221 which were intended to be limited to one per wallet.

As discussed on our Twitter space's earlier today - We messed up. We messed up big. Our contract had a flaw that allowed 2 people to scoop up over 450 NFTs.Here is what we are doing to fix it

— Rug Pull Finder (@rugpullfinder) September 2, 2022

According to RPF, their smart contract had a flaw that saw the code exploited, allowing the bandits to allocate more than the allowed number of NFTs.

The RPF team made moves to rectify the situation soon after the exploit, offering one of the people involved a deal to pay them a bounty of 2.5 Ether (ETH) (worth $3,944.68 at the time of writing) to recover 330 of the NFTs, which was accepted.

The crypto investigators noted that the exploiters "did negotiate in good faith and allow us to come to a reasonable solution with them."

The free mint, titled “Bad Guys” featured artworks of NFT "scammers accidentally let loose on the blockchain."

The collection serves as a whitelist or presale for members before the upcoming 10,000 NFT collection this fall.

Holding a Bad Guy NFT provides exclusive access to the mint, the RPF main drop, and other upcoming projects.

Warnings ignored

The watchdog group admitted that the exploit occurred as they didn’t heed warnings from an unknown source about the potential flaws sent 30 minutes before the mint went live.

"After reviewing it with three different dev teams, we did not believe the credibility of the information sent to us... We were clearly wrong, and we are truly, truly sorry."

Admitting a mess up is rare and accountable. Bravo RPF. You are to be commended. The last few months I have seen token contracts with flaws, bad code and as of yesterday suspect code for anyone to take advantage of and not one of those devs said what you guys just stated

— Figs (@CryptoRoog) September 2, 2022

The NFT investigator pointed to digital blockchain creative agency Doxxed Media as having handled all the art and contract work, and they "did not have our team audit it, or an independent 3rd party."

The irony of the exploit has not been missed by the crypto community, with some praising the NFT investigator for admitting to its fault, while others have questioned how a company specializing in detecting smart contract vulnerabilities didn’t conduct the proper checks on its own project.

I think its concerning when security minded projects like RugPullFinder get their discord breached and their code exploited yet they're offering those exact services to customers. What do you think? pic.twitter.com/zJRWUXqic5

— OKHotshot (@NFTherder) September 2, 2022

After the shaky start however, RPF has managed to get their NFT project back on track.

Related: How do you pick your next NFT? Community responds

Through consultation with their online community, RPF has decided to distribute the recovered NFTs across a variety of spaces, including in the "Bad Guys Vault," a raffle on Twitter, and two further raffles for projects that are friends of Rug Pull Finder and the Rug Pull Finder public sale wallet collection list.

Tags
Nft
Trading
Business
Cryptocurrencies
Tokens
Hackers
Social Media
Related Posts
Life-changing money: The 10 most expensive NFTs sold to date
Nonfungible tokens, or NFTs, are turning out to be a treasure store with prices striding into the millions of dollars. Instances of an NFT garnering more than $69 million or a tweet fetching $2.9 million are not a fantasy, but an incredible reality. In 2021, an NFT by digital artist Beeple, or Mike Winkelmann, sold for a whopping $69 million, making NFTs a media hotshot and opening the floodgates for a string of other NFT sales, many of these in millions of dollars. Prompted by the plentiful talk about NFTs, stars like Paris Hilton, Lindsay Lohan, Eminem, Grimes and many …
Adoption / May 16, 2022
Crypto sleuth debunks 3 biggest misconceptions about the FTX hack
On-chain sleuth ZachXBT has shared his findings on what he sees as the three most common misconceptions about the FTX hack — taking to Twitter to correct a "ton of misinformation" about the event and the possible culprits. In a lengthy Nov. 20 post on Twitter, the self-proclaimed “on-chain sleuth” debunked speculation that Bahamian officials were behind the FTX hack, that exchanges knew the hacker's true identity, and that the culprit is trading memecoins. 1/ I have seen a ton of misinformation being spread on Twitter and in the news about the FTX event so let me debunk the three …
Bitcoin / Nov. 21, 2022
Platform offers win-win for professional traders and new investors
A social crypto trading platform connects professional traders with new investors — creating a win-win situation. Learning about cryptocurrencies can be a steep learning curve, and according to Tycoon, mastering the art of trading well is also difficult and time consuming. The platform aims to improve accessibility into this flourishing space through the use of API technology — meaning that a trader who is starting out can connect to a more experienced professional and copy their moves in real time. Tycoon says this approach can help newcomers accelerate their educational journey, all while potentially making the process much more rewarding …
Bitcoin / March 26, 2021
‘King of NFTs’ is dominating the crypto rankings — here's why
A decentralized video game and entertainment network dubbed “the king of NFTs” has now surpassed more than three million accounts. Worldwide asset eXchange (known as WAX for short) offers an easy-to-use cloud wallet and a convenient way of creating, buying, selling and trading nonfungible tokens. Congestion on the Ethereum blockchain has prompted a number of developers to start seeking alternatives — and figures from DApp Radar suggest that, toward the end of March, WAX had more active wallets than Tron, EOS, Ethereum and Flow. Alien Worlds, a space exploration game built on WAX, has also cemented its place at the …
Decentralization / May 13, 2021
NFTs are changing the way photographers create and market content
Since their explosion last year, nonfungible tokens (NFTs) have shown their appeal to collectors, investors and traders alike. They have especially gained attention in the art world, where an item’s provenance is everything, and owning the official, unique version of an item is much more valuable than a copy or duplicate. Some have postulated that artists creating and storing pieces on-chain can use the technology as proof of ownership for popular art forms. Among the various artforms to take advantage of NFTs, photography has also found its place, but what is the immediate value it brings for artists and consumers? …
Artists / March 27, 2022