{"id":21638,"date":"2022-03-23T14:13:20","date_gmt":"2022-03-23T13:13:20","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=21638"},"modified":"2022-03-23T14:13:31","modified_gmt":"2022-03-23T13:13:31","slug":"veve-nft-market-shuts-down-after-an-exploit","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/veve-nft-market-shuts-down-after-an-exploit\/","title":{"rendered":"Veve NFT marketplace temporarily shuts down after an in-app token exploit"},"content":{"rendered":"\n
Veve, a nonfungible token (NFT) marketplace<\/a> to brands such as Marvel, Pixar, and Coca-Cola was hit by an attack on Tuesday, resulting in the illicit acquisition of millions of gems (in-app tokens). <\/h5>\n\n\n\n
\"Veve
Veve NFT marketplace temporarily shuts down after an in-app token exploit<\/figcaption><\/figure><\/div>\n\n\n\n

Veve acknowledged the breach on its platform in an official tweet released on Wednesday, saying that the attackers were able to obtain a “significant amount” of gems illegally. Until the inquiry is completed, the app-based NFT platform\r\n \r\n \r\n \r\n <\/g>\r\n \r\n \r\n \r\n <\/clipPath>\r\n <\/defs><\/svg><\/span><\/a> has taken down the marketplace as well as the gems buying option.<\/p>\n\n\n\n

\n

As a result of this exploit, we have closed the Market, Gem purchases and transfers while we investigate. We will update you on the expected timing of Market opening as soon as we can.<\/p>— VeVe | Digital Collectibles (@veve_official) March 23, 2022<\/use><\/svg><\/span><\/a><\/blockquote>

Gems are the VeVe in-app currency that users may swap for collectibles in the Market or during drops. According to early reports, the attackers were able to create millions of gems without having to pay for them by exploiting a flaw in the purchase system.<\/p>\n\n\n\n

Twitter users complain about the exploit\u00a0<\/h2>\n\n\n\n

One user said that a friend bought gems with an expired credit card<\/a> and that the transaction went through.<\/p>\n\n\n\n

\n

From what I heard someone was informed by their friend they accidentally purchased gems with an expired credit card and the transaction went through anyway. So it sounds more like an expired credit card exploit than stolen credit cards. No confirmation by Veve yet though.<\/p>— \ud83c\uddfa\ud83c\udde6\u2b55Garlic Shrimp\u2b55\ud83c\uddfa\ud83c\udde6\ud83e\uddc4 \ud83e\udd90 (@GARLICxSHRIMP) March 22, 2022<\/use><\/svg><\/span><\/a><\/blockquote>

Several user accounts have also been suspended when it was discovered that they were attempting to purchase cheap gems from bogus accounts.<\/p>\n\n\n\n

While the NFT platform<\/a> did not reveal the actual number of gems abused, a Twitter user said the sum may be in the millions, making it the site's greatest robbery. At the time of publication.<\/p>\n\n\n\n

The Twitter user also revealed a chronology of the exploit's actions, which included Veve registering the greatest 3-day buying of in-app token gems, followed by a 50% drop in the price of the token from 0.5 to 0.25, and the marketplace going into maintenance.<\/p>\n\n\n\n

\n

Soooo….

apparently about 7M gems were fraudly purchased

Multiple accounts that interacted with them are now disabled

Veve will need to recover those gems and this will be their biggest exploit to date \ud83d\ude2c

Users that purchased cheap gems off app will likely lose funds \ud83e\udd26 https:\/\/t.co\/7YG3BBXjMe<\/use><\/svg><\/span><\/a><\/p>— Nifty \ud83c\udf4e (@niftymfer) March 23, 2022<\/use><\/svg><\/span><\/a><\/blockquote>

The gem vulnerabilities on Veve also led to a large drop in the price of the platform's listed NFTs, with one user realizing why his NFT value had dropped by 80% just a week after Veve's official Twitter tweet.<\/p>\n\n\n\n

\n

@veve_official<\/use><\/svg><\/span><\/a> just saw your latest tweet, now I understand why my secret rare goofy dropped 80% in value from the ATH at Market in a matter of weeks and I panic sold it finally. Very unhappy! 1st BOTS and now Gem exploit???<\/p>— Jai S (@jai_sond) March 23, 2022<\/use><\/svg><\/span><\/a><\/blockquote>

<\/h3>\n","protected":false},"excerpt":{"rendered":"

Veve, a nonfungible token (NFT) marketplace to brands such as Marvel, Pixar, and Coca-Cola was hit by an attack on Tuesday, resulting in the illicit acquisition of millions of gems (in-app tokens). Veve acknowledged the breach on its platform in an official tweet released on Wednesday, saying that the attackers were able to obtain a […]<\/p>\n","protected":false},"author":12,"featured_media":21639,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[21,62],"tags":[8271,8272,8270,8046,6133],"class_list":["post-21638","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-nft-news","tag-expliot","tag-in-app-tokens","tag-marvel-2","tag-nft-marketplace-2","tag-veve"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2022\/03\/image-159.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/21638","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=21638"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/21638\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/21639"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=21638"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=21638"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=21638"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}