Yuga Labs Says 'No Surprise Mints' After Warning Of Attacks On Projects, Social Media Accounts
KEY POINTS
- Yuga Labs' BAYC, Otherside Discord was breached on June 5
- The breach allowed attackers to steal around $256,000 worth of NFTs
- The team removed the code that allowed users to mint BAYC NFTs infinitely
Yuga Labs, the blockchain technology company behind Non-Fungible Tokens (NFTs) and digital collectibles like the Bored Ape Yacht Collection (BAYC), said there will be "no surprise mints" after it received information about a potential attack on its projects and social media accounts.
Gordon Goner, the pseudonymous co-founder of Yuga Labs, took to Twitter to warn the public of an impending attack on the company and its projects. "We’ve received credible information that there may soon be an attack on our social media accounts, using an inside source at @Twitter to bypass our security," they tweeted.
Goner also told investors that Yuga Labs will not conduct any surprise mints – a wise decision considering that this is an ingenious method malicious attackers use to scam unsuspecting victims. "There are no surprise mints. Ever," the tweet read.
The Yuga Labs co-founder also shared they have been in constant communication with Twitter and have escalated active monitoring of accounts and security. "We’re feeling more secure, but please stay safe everyone. And remember there will be no surprise mints," they added.
The warning came after the company finally removed the dangerous code that allows users to mint BAYC NFT infinitely. If exploited, this could have flooded the market with BAYC digital collectibles, thereby lowering its floor price.
The single dangerous code was brought to Yuga Labs' attention a year ago by NonFungibles CEO Dan Kelly and was brought up again by an NFT developer who uses the Twitter handle foobar. "If the token contract owner (a personal wallet, not a multisig) gets hacked or phished, you might see thousands of new bored apes minted and dumped onto the market," the NFT developer noted.
"The contract owner has now been burned. While we’d been meaning to do this for a long time, we hadn't out of an abundance of caution. Felt comfortable doing it now. All done. In lay terms: The issue flagged in this article is now impossible," a Yuga Labs co-founder who goes by the Twitter handle EmperorTomatoKetchup tweeted.
One of the possible reasons why Yuga Labs finally removed the dangerous code was due to the hack on Discord servers on June 4, where malicious attackers stole over 145 ETH or approximately $256,000 worth of NFTs after gaining access to BAYC and Otherside Discords.
© Copyright IBTimes 2024. All rights reserved.