Veve, a nonfungible token (NFT) marketplace with licensed digital collectibles, faced an exploit on Tuesday, resulting in millions of gems (in-app tokens) being acquired illegally. The platform is quite popular among mainstream brands such as Marvel, Pixar, and Coca-Cola, which have chosen Veve as their official launch partner.
In an official tweet published on Wednesday, Veve acknowledged the exploit on its platform and said that the attackers managed to acquire a “large amount” of gems illegitimately. The app-based NFT platform has shut the marketplace along with the gems purchase option until the investigation is complete.
As a result of this exploit, we have closed the Market, Gem purchases and transfers while we investigate. We will update you on the expected timing of Market opening as soon as we can.
— VeVe | Digital Collectibles (@veve_official) March 23, 2022
Gems are the VeVe in-app token that users exchange for collectibles during drops or in the Market. Early reports suggest that the exploiters behind the attack managed to mint millions of gems without having to pay for it by exploiting a bug in buying mechanism. One user wrote that their friend accidentally purchased gems using an expired credit card and the transaction went through.
From what I heard someone was informed by their friend they accidentally purchased gems with an expired credit card and the transaction went through anyway. So it sounds more like an expired credit card exploit than stolen credit cards. No confirmation by Veve yet though.
— ⭕ Garlic Shrimp ⭕ (@GARLICxSHRIMP) March 22, 2022
The platform has also restricted several user accounts that reportedly tried buying the cheap gems from fraudulent accounts. While the NFT platfrom didn’t disclose the exact amount of gems that were exploited, a Twitter user has claimed the figure could be in millions and might be the biggest heist on the platform. Veve didn’t respond to Cointelegraph’s requests for comments at the time of publishing.
Related: Nifty News: Wolf snaps…