By Alicia Maher
On March 22, the fast-rising NFT platform, VeVe, was hacked, with the hackers carting away millions of the platform’s in-app tokens. VeVe is the official partner of popular brands like Coca-Cola, Marvel, and Pixar.
An Admission Of The Incident
A Twitter thread published today on VeVe’s official Twitter page admitted that a hack took place but didn’t specify the amount of stolen in-app tokens. Part of the tweet further revealed that the platform would be temporarily shut down, including the purchase options for its in-app tokens until investigations are over.
We have become aware of an exploit of our systems which resulted in a large amount of gems being acquired illegitimately. We appreciate the members of the community that have come to us after noticing unusual activity.
— VeVe | Digital Collectibles (@veve_official) March 23, 2022
VeVe users often pay for NFTs in the store or during drops with VeVe’s in-app tokens (popularly known as gems). There are unconfirmed reports that the hackers exploited a bug in the purchase mechanism on the platform to mint millions of the in-app tokens illegally. One Twitter user commented that VeVe has yet to fix the bug, saying one of his friends used an expired credit card to purchase gems on the platform successfully.
Attempted Fraudulent Transactions
Following the hacking incident, the platform recorded several cases of attempted gems’ purchases through fraudulent means. That might explain why the VeVe team had to shut down the entire platform. A Twitter user opined that this hack should be the biggest on VeVe as the gems stolen would be worth millions of dollars.
From what I heard someone was informed by their friend they accidentally purchased gems with an expired credit card and the transaction went through anyway. So it sounds more like an expired credit card exploit than stolen credit cards. No confirmation by Veve yet though.
— 🇺🇦⭕Garlic Shrimp⭕🇺🇦🧄 🦐 (@GARLICxSHRIMP) March 22, 2022
Asides from its official announcement on Twitter, VeVe hasn’t granted any media interviews or issued any official press release elsewhere. A Twitter user with the username niftswaps.eth gave a chronology of events before and after the hacking incident.
According to him, there was a purchase of VeVe’s gems that lasted for 72 hours (it was the largest ever purchase in the platform’s history). Then, the price of each gem dipped by 50% before the platform went into maintenance.
Soooo….
apparently about 7M gems were fraudly purchased
Multiple accounts that interacted with them are now disabled
Veve will need to recover those gems and this will be their biggest exploit to date 😬
Users that purchased cheap gems off app will likely lose funds 🤦 https://t.co/7YG3BBXjMe
— niftyswaps.eth ⭕ (@niftyswaps) March 23, 2022
The hack on the VeVe platform also led to a significant decrease in the price of NFTs available on the platform’s marketplace. Veve’s hack tweet hack gave another Twitter user an understanding as to why the cost of his NFT on VeVe dropped by more than 75%.
Tencent And Alibaba Tighten Rules On Their NFT Platforms
Two china-based internet behemoths (Alibaba and Tencent) have updated the terms and conditions on their NFT platforms. The move became necessary as both firms looked to avoid further clampdown from Chinese authorities.
Part of Alibaba’s new policy on its NFT platform states that any user buying lots of NFTs through bots or other means would be reported to the appropriate agencies. Another section of the newly updated policy states that the platform would inform the police of any non-platform-based NFT transaction as they constitute criminal intentions.
China’s ban on crypto operations doesn’t include a prohibition of NFT transactions as the government considers NFTs to be “digital collectibles,” and it’s still legal to conduct NFT transactions. However, it is illegal to perform 3rd-party NFT transactions as stipulated in the updated crypto law released last year.