Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
NFT Trader, a P2P digital asset trading protocol, said on Twitter that the website has been attacked, and users are asked to monitor their accounts and beware of phishing attacks. The NFT Trader website will be closed until further notice. Currently, the team is still investigating and the platform has been taken offline to avoid any further issues. NFT Trader stated that this is not a problem with the protocol. It is suspected that someone outside the team inserted a malicious code at the front end. The team will continue to investigate. Attack method (per SlowMist): Malicious Code Injection Attack. Reported loss: -.
- chain
- —
- protocol
- NFT Trader
- bug_class
- phishing
- date_occurred
- 2023-07-03
- loss_usd
- —
- source_id
- sm:nft-trader::2023-07-03