Ad
News
Optimism NFT marketplace Quixotic suffers exploit following contract update Optimism NFT marketplace Quixotic suffers exploit following contract update

Optimism NFT marketplace Quixotic suffers exploit following contract update

The Quixotic attacker was able to hack the offer feature to drain more than $100,000 in Optimism and USDC.

Optimism NFT marketplace Quixotic suffers exploit following contract update

Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.

Join Japan's Web3 Evolution Today

Quixotic, the largest NFT marketplace on Optimism, announced on July 1 that a recent contract update was exploited, leading to the loss of ERC-20 tokens.

The team assured users that lost funds would be returned and that NFTs listed on the platform were unaffected. But as a precautionary measure, all marketplace activity is paused as devs further investigate what happened.

Quixotic users are not required to act as the vulnerable contract has been halted, and refunds will go out “in the coming days.”

More details on the Quixotic NFT exploit

The exploit was first noted by the team at NFT project Apetimism, who duly alerted the community with a tweet in the early hours of July 1 (BST). It pinpointed the offer feature as the source of the vulnerability, suggesting members cancel open offers to protect themselves.

Some attacker is attacking the “Offer” feature. Therefore we suggest you to cancel all the offers immediately if you have one.

Expanding further, Apetimism said, based on their analysis, it appears that the hacker was able to transfer offers made on NFTs to their own wallet. They surmised that the hacker deployed their smart contract to overrun the existing logic to exploit the offer function.

Apetimism reported that $100,000 had been lost so far. However, since that tweet went out, an analysis of the hacker’s wallet shows several large outflows greater than $100,000.

The most significant single transfer out was for 110,756 USDC, while the next most considerable transaction out was for 170,882 Optimism (OP), valued at $90,500 at the current price.

A further followed up shows the hacker actively breaking stolen funds into smaller sums and sending them to multiple other addresses.

What is Quixotic?

Quixotic is the largest NFT marketplace on the Ethereum layer-2 platform Optimism.

It boasts an average transaction fee of just 0.0005 ETH ($1.50), making the platform much more usable for most NFT traders. The firm estimates it has saved its members around $2 million in gas fees since its inception.

On-chain tracking shows the platform turned over $419,500 in volume over the last 30 days, but user activity has declined significantly since June 14.

Mentioned in this article
Posted In: , , Hacks