Weekly Report (Oct-24)

5 min read
Weekly Report Oct24

Bitkeep, and plantworld hacked; Warner Bros to release Lord of the Rings NFTs, and more.


  • Warner Bros has announced the release of Lord of the Rings NFTs.
  • Lamborghini has unveiled yet another World Tour themed NFT collectibles.
  • W3E is preparing to host the world's first live web3 eSports tournament.  

NFTs have evolved as a diverse digital asset class with applications in various sectors of the economy. As fans pay to acquire digital collectibles of their memorable events, NFT adoption has grown significantly across multiple industries including art, sports, music, games, and many others. Many businesses have also used NFTs to reward their loyal customers.

Blockchain Hacks#

BitKeep, a decentralised multi-chain cryptocurrency wallet, suffered a $1 million loss due to an exploit on BNB Chain via a service used to swap tokens. The vulnerability was exploited due to a flaw in BitBTC code, in which the contract used a custom bridge rather than the standard bridge provided by Optimism. Later, the team communicated and worked with major security agencies to track down the hackers and recover the stolen assets. Following the incident, they suspended their Swap service to ensure that no other asset security issues occurred again. In our blog post, we provide a detailed analysis of the exploit.

Moola Market, a non-custodial liquidity protocol on the Celo ecosystem, was exploited for $9.1 million. The exploit involves draining 8.8 million $CELO tokens worth $6.6 million, 765k $cEUR tokens worth $0.7 million, 1.8 million $MOO tokens worth $1.2 million, and 644k $cUSD tokens worth $0.6 million. The attacker manipulated the price of the low-liquidity native $MOO token by purchasing a portion of it, and then used it as collateral to borrow $CELO tokens back and forth in order to steal the funds. After the announcement of the incident, the team halted all the activity on Moola. A bounty payment was announced in exchange for returning the funds within the next 24 hours of the incident, after which 93.1% of stolen funds were returned to the Moola governance multi-sig. We've decoded a detailed analysis of the exploit here.

Plantworld, a Binance Smart Chain (BSC) BEP-20 token, was the victim of a flash loan attack due to a flaw in transfer logic, resulting in a profit of 24,475 $BUSD for the hacker. The vulnerability was caused by the hackers' ability to use a flash loan to reduce the balance of the PLTD contract in Cake-LP to 1 and then swap all of the $BUSD into the attack contract using the $PLTD tokens. The perpetrator obtained 690,000 $BUSD and repaid the loan's 666,00 $BUSD, retaining the remaining profit of approximately 24,475 $BUSD. We highlighted the detailed analysis of the exploit in one of our blog posts.

Layer2DAO, a decentralised organisation focused on driving the future of the Ethereum Layer2 ecosystem was targeted by a hacker, who gained access to a Layer2DAO multisig on Optimism to drain 49,950,000 $L2DAO tokens. The perpetrator dumped a portion of the stolen tokens, but the team were able to negotiate and repurchase the remaining 31,239,677 tokens. The team took to a Tweet to mention that they will be evaluating additional opportunities to help support the token price over the coming days.

Metaverse, and NFTs#

Warner Bros. has announced that NFTs for the iconic 2001 film Lord of the Rings - Fellowship of the Ring will be available at web3.wb.com. Each NFT includes a 4K copy of the film, hours of bonus behind-the-scenes footage, a plethora of behind-the-scenes stills, and exclusive AR collectible assets inspired by the film. Eluvio, a Web3 company, created the NFTs and hosts them, along with all of the content data, on its Ethereum-compatible Content Fabric blockchain. Each NFT in the Lord of the Rings collection grants the holder the right to view the film footage in the same way that purchasing a BluRay DVD would do.

Roofstock, the real estate platform, has completed the sale of a three-bedroom property as a NFT for $175,000. The rental property at Cottage Lake Way in Columbia was sold on the Roofstock onChain NFT marketplace by transferring the Home onChain identity to the house buyer's Ethereum address. According to the company, each rental property is owned by a limited liability company, the details of which are encoded as an NFT on the Ethereum blockchain. When the underlying property's ownership changes, the Home onChain identity can be easily transferred.

Automobili Lamborghini will be releasing its third collection of World Tour-themed NFT digital collectibles as part of The Epic Road Trip series. The drop, designed in conjunction with Web3 Pro and INVNT.ATOM, is scheduled to drop on the nft.lamborghini.com platform on October 24. This next limited edition NFT from Lamborghini will be issued over four consecutive days, with the first three days seeing the release of 3 Limited Edition Base NFTs. These Base Edition NFTs will cost $196.30 each and be limited to 1,963 units. On October 27th, a total of 63 Limited Edition or Rare NFTs will be available for purchase. This uncommon NFT will cost $1,963 and has the potential to unlock collector-exclusive goodies.

W3E will be welcoming the web3 gaming community to Istanbul Blockchain Week. The event, which will take place on November 17 at the ESA Esports Arena in the centre of Istanbul, will also feature game displays, special developer announcements, demo testing, and a thrilling competition in one of the most well-known web3 games in the world. On the periphery of the W3E Tournament, W3E will also feature the first ever web3 gaming exhibition. EV.io, a first-person shooter set in a series of futuristic arenas on the Solana blockchain, will be the event’s league partner and lead game for the tournament. Top-ranked teams from Europe and Turkey will be invited by W3E to compete live in a white-knuckle event.

OnChain Insurance Industry News#

Nexus Mutual has announced a collaboration with Sherlock Protocol to expand their incentive-aligned auditing services. This collaboration will allow Nexus Mutual to assume 25% of the premiums for all protocols covered by Sherlock.