Someone Earned $1.1 Million Tricking ApeCoin ($APE) Airdrop System
On 17th March, an anonymous person took advantage of the ApeCoin airdrop and gained $1.1 million. The person tricked the airdrop system into offering free tokens. While many investors hailed the anon user, a crypto-security firm strongly criticized the actions. According to analytical networks, $APE has performed exceptionally in the past 24 hours.
Investor Tricks the ApeCoin ($APE) Airdrop SystemThe Bored Ape Yacht Club (BAYC) creators held an airdropping session on Thursday. They gave out $APE tokens to all individuals who had BAYC NFTs. However, an anonymous user exploited the system and earned tokens using NFTs they didn’t initially own. The team airdropped 150 million tokens valued at over $800 million. According to sources, the persons holding the NFTs just needed to claim the tokens. Every holder would get an average of 10094 tokens, valued at over $80 thousand total. The anon user exploited the airdropping system and managed to collect tokens with loan NFTs. They found an NFTX based vault with 5 Bored Apes that had not claimed airdrops. The 5 NFTs in the vault were valued at over $1.4 million. Instead of purchasing the NFTs at a high cost, the investor flash loan system where you borrow large amounts of loans using small collateral. They bought 1 Bored Ape from Opensea at $300k, used it as collateral, and owned the 5 Bored Apes in NFTX. Immediately, the user claimed airdrop tokens and, in the same transaction, sold back NFTs to the vault, repaying the Flash loan. In the single transaction, the investor earned about 60564 $APEs airdrop tokens valued at $1.1 million. While some people praised the user for tricking the system, a security firm termed the event an attack. The BlockSecTeam said,
“We think it’s an attack as the airdrop mechanism has a vulnerability. The airdrop claim depended on the spot state, whether a user held the NFT at that time of claim and the attacker exploited this vulnerability to profit.”According to several experts, the best way to avoid the attack would be by considering the duration of holding the NFT. By ignoring the period, the airdrop system was easy to trick.