Magic Eden, a Solana-based NFT marketplace, has announced that it will reimburse users who were duped into purchasing fraudulent NFTs on its website due to a recent attack. According to the team’s tweet, the impact was limited to 25 unverified NFTs sold in four verified collections.
Earlier today, unverified NFTs were being shown as part of verified collections on ME. In the last day, impact was contained to 25 unverified NFTs sold in 4 collections.
We’ve resolved the issue and will refund those affected. Now, no one can buy unverified NFTs on ME.
— Magic Eden 🪄 (@MagicEden) January 4, 2023
The company explained that a bug in the activity indexer, which was recently implemented for its Snappy Marketplace and Pro Trade tools, essentially allowed fake NFTs to avoid verification and be listed among authentic NFT collections.
Magic Eden stated in a report:
“Unfortunately, there was a bug deployed in an update to both of these features, where NFTs were not verified before being listed into these two tools, which automatically included the items into the collection at large.”
According to the NFT platform, the problem has been fixed by temporarily deactivating both tools and removing the “entry points” that permitted unverified NFTs to pass through.
The team is also closely monitoring the situation to see if any additional damage has occurred over the past 24 hours and has requested that users refresh their browsers. Currently, it is not possible to purchase unconfirmed NFTs on Magic Eden.
There were reports of fake NFTs coming from the cryptocurrency community. These observers noted that attackers were targeting high-value NFTs specifically.
The well-known Solana-based collections ABC and y00ts were two of the projects that were impacted.
Do not buy these @y00tsNFT on @MagicEden, they are fake!
Basically, every single collection is fake on Magiceden, a massive exploit is happening ongoing.
High-value NFTs are suffering the most, as attackers choose to exploit higher-value NFTs first. pic.twitter.com/35RYHOKVxd
— HGE.SOL 🔤🧙♂️ (@HGESOL) January 4, 2023
Following the announcement, Twitter users kept raising the alarm about phony y00ts NFTs being widely used on the site. On at least two occasions, sales were made for 100 SOL each, for a total of about $2,600, according to a screenshot from ABC creator HGE.
The creator of y00ts, DeGods, also tweeted about the Magic Eden vulnerability that permitted unverified NFTs to be included in the collection.
There is currently an exploit on Magic Eden allowing for unverified NFT’s to be listed as part of the collection
You can verify if an NFT is part of the collection on our explore page linked below
If it’s not in our explorer, it’s not our NFThttps://t.co/c4HKIJJD1n
— DeGods III (@DeGodsNFT) January 4, 2023
If you would like to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, and Instagram.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”
