Quixotic — an Optimism-based NFT marketplace — revealed that criminals breached its security and ran out of ERC-20 tokens. The organization guarantees that users whose assets have been stolen will be compensated.
Quixotic disclosed in a recent tweet that criminals attacked its “offer” feature and stole ERC-20 tokens. The team advised its clients to cancel their offers “immediately”, adding that all market operations would cease.
Quixotic, on the other hand, guarantees that those customers affected by the attack will receive a full refund in the coming days. Non-fungible tokens listed on the market are immune to cyber attacks.
We can confirm that a recent update to our market contract was exploited to allow hackers to steal approved ERC-20 tokens
1. We will refund all stolen ERC-20 tokens2. NFTs remain safe from exploits3. All market activity remains suspended https://t.co/wBYt903QVO
— Quixotic 🔴✨ — Optimistic about the NFT market (@quixotic_io) July 1, 2022
According to DappRadar, Quixotic is the largest NFT marketplace on Optimism. In the past month, it has attracted over 9,000 users who have completed over 22,000 transactions. The registered trading volume for the period was approximately $405,000.
Another attack in the cryptocurrency space made headlines last week – Harmony Protocol. The latter’s Horizon Bridge was breached by hackers, stealing nearly $100 million worth of Ethereum.
Shortly after discovering the problem, Harmony offered attackers a $1 million bounty in exchange for stolen funds and sharing exploit information. Anonymous hackers rejected the offer because they also started laundering money through Tornado Cash.
A subsequent study by Elliptic Enterprises claimed that the group behind the heist was a North Korean hacking group, the Lazarus Group:
“There are strong indications that, depending on the nature of the hack and the subsequent laundering of stolen funds, North Korea’s Lazarus Group may be responsible for the theft.”
According to Elliptic’s analysis, criminals targeted the username and password credentials of Harmony’s employees in the Asia-Pacific region in order to compromise the protocol’s security systems. Later, they used automated money-laundering services to transfer the stolen funds at night.
The company further insists that Lazarus Group has moved more than 40% of the $100 million to the Tornado Cash mixer.
Binance Free $100 (Exclusive): Use this link to sign up and get $100 for free and a 10% fee discount on Binance Futures first month (terms).
PrimeXBT Special Offer: Use this link to sign up and enter code POTATO50 to get a deposit of up to $7,000.