LiveArtX has become the latest Web3 firm to fall victim to a hack this month. The NFT platform saw dozens of its Meta-morphic: Seven Treasures Collection NFTs being stolen after the platform’s Treasury and Campaign Wallet were compromised.
The hacker got away with as many as 197 Mystery Boxes (NFTs) that were minted for LiveArtX’s treasury and marketing campaigns.
As per LiveArtX’s announcement on its Discord server, the hacker first gained access to the treasury wallet on 16 October at 04:24:11 pm UTC. Within seconds, the hacker proceeded to transfer 197 NFTs to a separate address. This was followed by the first sale at 04:47:11 pm UTC, which the hacker made after accepting a bid.
The rapid sale of the stolen NFTs, especially at discounted prices, caused the floor price of the collection to break.
The platform has taken full responsibility for the incident and assured community members that steps were being taken to rectify the situation.
“It is a lesson learned for us and all criticism and advice are welcome.”
As for the reason behind the hack, the platform was transparent enough to list the shortcomings on its part that likely led to the hack.
First of all, LiveArtX failed to separate its operation wallet from the treasury wallet. Secondly, a multi-signature mechanism was not implemented for the treasury wallet. Finally, the platform confessed that the private key was shared with more than one team member.
LiveArtX has identified all the NFTs involved in the exploit and NFT marketplaces have been contacted in order to ensure that the stolen artwork is locked and prevented from being sold.
The platform is attempting to identify the hacker. Security advisors have been engaged and the smart contract has been upgraded
Read more on ambcrypto.com