Mar 23
Flashloan Attack on APE Airdrop
Bored Ape NFTX vault atomically rinsed by an MEVor
buys vault token -> redeems entire pool -> claims airdrop of 60k APE -> re-supply’s the pool twitted by @wilburforce_
https://etherscan.io/tx/0xeb8c3bebed11e2e4fcd30cbfc2fb3c55c4ca166003c7f7d319e78eaab9747098
Firstly, the attacker borrowed BAYC tokens that can be redeemed to NFTs and then used these NFTs to claim the AirDrop. After that, the attacker mint the BAYC tokens using the BAYC NFTs to return the flashloan. Lastly, the attacker got the AirDrop APE tokens through this process.
The team allocated 150 million tokens or 15% of the total ApeCoin supply to holders of Bored Ape Yacht Club and Mutant Ape Yacht Club collections, amounting to a staggering value of more than $800 million. Each BAYC holder got 10,094 tokens, valued anywhere between $80,000 to $200,000.
Someone has found a way to get an airdrop, using the NFT that they didn’t originally have. They use the airdrop in a specific way to execute it.It was a very effective move that gave them a $1.1 million deal in ApeCoin.
The trick was that the ApeCoin airdrop was not handed out based on a snapshot of who owned which Bored Ape at a specific time in the past. Instead, it was claimable by anyone who owns a Bored Ape at the point of claiming the airdrop. So if you gave someone your Bored Ape — and you hadn’t already claimed the tokens — they would be able to claim your tokens.
The trick is that ApeCoin airdrops aren’t distributed based on snapshots of who owns a boring ape at a particular time in the past. Instead, anyone with a bored ape can allege an airdrop. basically, if you give someone your bored ape-and you have not yet received your tokens-, they will be able to receive your tokens. ridiculous?
This means that all the person has to do is get some Bored Apes, their tokens — they just need to have these apes to get the airdrop. In fact, they can take it back right away.
A vault is a way to tokenize an NFT or group of NFTs. Then take a set of nfts, put them in Vault, and create a token. This token can then be staked for a token reward or sold (representing a portion of the value of the nft collection). Anyone with enough tokens can redeem them for potential nfts.
This vault was created on a protocol called NFTX. It contained five Bored Apes: #7594, #8214, #9915, #8167, and #4755 worth about 500 ETH ($1.4 million) based on the current floor price. Since the NFTs were locked up in the vault and not controlled by anyone party, nobody had used them to claim the airdrop.
This vault is generated on a protocol called NFTX. It included five bored apes: #7594, #8214, #9915, #8167, and #4755, which are worth around 500 ETH ($1.4 million) at the current reserve price. Since nfts are boned in vaults and not controlled by either party, no one uses them to request airdrops.
If a person is willing to unlock the NFTs to use them to claim the airdrop, but they didnt want to buy that directly cuz it would make it more expensive.
so flash loan came out from their mind,Flash loans are a type of loan that crypto traders may use to facilitate the buying and selling of different types of cryptocurrency on an exchange. They make use of smart contracts to issue the loans — and the trades they enable — instantly.
In this case, they bought a Bored Ape on NFT marketplace OpenSea for under $300,000 and used it as collateral to take out the flash loan. The flash loan was then used to purchase a large amount of the vault’s token, letting them redeem the five NFTs. The NFTs were used to claim the airdrop — all in this one, complex transaction — before all of them were then returned, the tokens sold back and the loan repaid.
In this process, they managed to claim an airdrop of 60,564 ApeCoin. They then sold these tokens on the decentralized exchange Uniswap for 399 ETH ($1.1 million). After, they sold back the original Bored Ape NFT that was used as collateral to the same NFTX vault.
Join Coinmonks Telegram Channel and Youtube Channel learn about crypto trading and investing
