Popular NFT marketplace Veve has temporarily closed its marketplace following an exploit that resulted in the illegal acquisition of millions of its in-app gem tokens.
The NFT marketplace, which is quite popular for offering licensed digital collectibles from mainstream brands like Marvel, Coca-Cola (NYSE:), and Pixar, confirmed the exploit in a Wednesday tweet. The company said that the attackers were able to acquire a “large amount” of gems. As a result, the company has shut down its in-app marketplace along with the purchase of gems until an investigation is complete.
As a result of this exploit, we have closed the Market, Gem purchases and transfers while we investigate. We will update you on the expected timing of Market opening as soon as we can.
— VeVe | Digital Collectibles (@veve_official) March 23, 2022
Gems are Veve’s in-app tokens, with one gem being equivalent to one dollar. To purchase collectibles, users will need to purchase gems first.
Earlier reports claim that the attackers were able to mint millions of gems for free by exploiting a bug in the buying mechanism. One user said that his friend was able to purchase gems with an expired credit card.
From what I heard someone was informed by their friend they accidentally purchased gems with an expired credit card and the transaction went through anyway. So it sounds more like an expired credit card exploit than stolen credit cards. No confirmation by Veve yet though.
— 🇺🇦 ⭕ Garlic Shrimp ⭕ 🇺🇦🧄 🦐 (@GARLICxSHRIMP) March 22, 2022
Following the incident, the accounts of several users who tried to buy the cheap gems from fraudulent accounts have been restricted. Meanwhile, Veve is yet to disclose the number of gems that were minted in the exploit. A Twitter (NYSE:) user, however, claimed that the figure could be in the millions and might be the biggest exploit so far on the platform.
The Twitter user goes on to share a timeline of events following the exploit – from when the platform first noticed the largest 3-day buying of gems to a crash in the price of the token by half.
Soooo…. apparently about 7M gems were fraudly purchasedMultiple accounts that interacted with them are now disabled Veve will need to recover those gems and this will be their biggest exploit to date
Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage as a result of reliance on the information including data, quotes, charts and buy/sell signals contained within this website. Please be fully informed regarding the risks and costs associated with trading the financial markets, it is one of the riskiest investment forms possible.