Stolen ‘Smol Brains’ NFTs Returned to Users Hours After Treasure Exploit

Hackers have started to return stolen “Smol Brains” and other non-fungible tokens (NFT) hours after exploiting popular Arbitrum-based marketplace Treasure on Thursday morning, developers confirmed in a message.

• “We believe we have identified and rectified the cause of the issue,” developers said in a message on Treasure's Discord channel. “This was a basic bug arising from a prior fix that should have been identified earlier.”
• Users who fail to receive the NFTs will be made whole in a remuneration plan voted on and passed by the community members, who take part in the long-term growth of the marketplace.
• “Once we have the full list of remaining impacted parties who did not receive back their stolen NFTs, we will propose a number of remediation options to ensure users are made whole. These options will be tabled with the community and voted on” by the decentralized autonomous organization (DAO), the note read.

• Treasure is the biggest NFT ecosystem on layer 2 protocol Arbitrum, which runs atop the Ethereum blockchain. Each project listed on the Treasure marketplace uses native MAGIC tokens in its own metaverse.
• MAGIC allows users to take part in future decisions and drive the growth of the marketplace. Metaverse refers to the immersive digital world created by the combination of virtual reality, augmented reality.
• In early Asian hours on Thursday, hackers were able to exploit a vulnerability on the protocol that allowed them to mint NFTs for no cost. Treasure asked users to delist their NFTs from the marketplace at the time. NFTs are blockchain-based representation of a digital or real-world asset.
• Blockchain addresses uncovered by sleuths show several "Smol Brains" and “Legions” were stolen in the attack. The Smol Brains NFTs are one of the most popular on Treasure, with some stating the stolen collection alone was valued at over $1.4 million at the time of the attack.
• Prices of MAGIC fell 40% in the hours following the exploit. However, prices have since recovered to the $3.34 mark, as per data from CoinGecko.
• Thursday’s exploit put Treasure in the news for the second time in as many weeks. In February, anonymous blockchain sleuth “zackxbt” claimed Treasure developer “JC” was previously involved in several short-lived NFT projects that were abandoned soon after hyped launches.
• Treasure, however, responded to the allegations stating JC worked on a contract basis and delivered stipulated work before the previous projects were abandoned by their creators.