Non-fungible token (NFT) marketplace Magic Eden has promised to refund all users who were tricked into buying fake NFTs on its website as a result of an exploit.
on a january 4 declarationthe company said a bug in its recently implemented "activity indexer" for its Snappy Marketplace and Pro Trade tools essentially allowed fake NFTs to bypass verification and be listed alongside genuine NFT collections.
Magic Eden said the exploit led to 25 fraudulent NFTs sold out on four sets in the last 24 hours, but is currently confirming if additional NFTs were affected beyond the last day.
Two of the affected projects were expensive and popular collections based on Solana ABC and y00ts.
don't buy these @y00tsNFT on @MagicEdenthey are false!
Basically every collection is fake in Magiceden, there is a massive exploit going on.
High-value NFTs suffer the most, as attackers choose to exploit higher-value NFTs first. pic.twitter.com/35RYHOKVxd
โ HGE.SOLโโ๏ธ (@HGESOL) January 4, 2023
The NFT platform said it has fixed the issue by temporarily disabling both tools and removing "entry points" that allowed unverified NFTs to pass through.
It also asked users to perform a "full refresh" to ensure that unverified listings no longer appeared in their browser session, and closed the purchase of unverified NFTs as a precaution.
โMagic Eden is safe for trade and we will refund all users who mistakenly purchased non-specifically verified NFTs due to this issue,โ he wrote.
Earlier today, unverified NFTs were showing up as part of verified collections in ME. In the last day, the impact was contained to 25 unverified NFTs sold in 4 collections.
We have resolved the issue and will reimburse those affected. Now, no one can buy unverified NFTs on ME.
โ The Magical Eden (@MagicEden) January 4, 2023
magical eden first high raised the alarm about fraudulent NFTs in a Twitter post on January 4, citing community reports that people were able to buy fake ABC NFTs. At the time, he said that he added "verification layers" in an attempt to solve the problem.
After the announcement, Twitter users continued to sound the alarm about the fakes. y00ts NFT permeating the platform. A screenshot from ABC creator "HGE" showed at least two sales worth 100 Solana (SUN) each, a total amount of about $2,600.
DeGods, the creator of y00ts, too tweeted to his followers that there was an exploit in Magic Eden that allowed unverified NFTs to be included as part of the collection.
There is currently an exploit in Magic Eden that allows unverified NFTs to be listed as part of the collection.
You can check if an NFT is part of the collection on our browse page linked below
If it's not in our browser, it's not our NFThttps://t.co/c4HKIJJD1n
โ DeGods III (@DeGodsNFT) January 4, 2023
The latest exploit is now the second incident Magic Eden users have had to go through this week.
On January 3, the market was full of pornographic images and images from the television series The Big Bang Theory.
Related:NFT Influencer Falls Victim Of A Cyber โโAttack And Loses $300K+ CryptoPunks
Magic Eden said a third-party image hosting provider was "compromised" which led to the "nasty images" and reassured users that their NFTs were safe.
Cointelegraph reached out to Magic Eden for comment but did not immediately receive a response.