{"id":420326,"date":"2022-03-23T12:50:57","date_gmt":"2022-03-23T09:50:57","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/marvel-nft-partner-veve-closes-its-marketplace-after-an-in-app-token-exploit\/"},"modified":"2022-03-23T12:50:57","modified_gmt":"2022-03-23T09:50:57","slug":"marvel-nft-partner-veve-closes-its-marketplace-after-an-in-app-token-exploit","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/marvel-nft-partner-veve-closes-its-marketplace-after-an-in-app-token-exploit\/","title":{"rendered":"# Marvel NFT partner Veve closes its marketplace after an in-app token exploit"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a287e72442c1\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a287e72442c1\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/marvel-nft-partner-veve-closes-its-marketplace-after-an-in-app-token-exploit\/#%E2%80%9D_Marvel_NFT_partner_Veve_closes_its_marketplace_after_an_in-app_token_exploit_%E2%80%9C\" >&#8221; Marvel NFT partner Veve closes its marketplace after an in-app token exploit &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_Marvel_NFT_partner_Veve_closes_its_marketplace_after_an_in-app_token_exploit_%E2%80%9C\"><\/span>&#8221; Marvel NFT partner Veve closes its marketplace after an in-app token exploit &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDMvZDhjYjUzMTgtNmUxNS00MWNmLTgxNzAtMDVhNWYxYjU0NzhjLkpQRw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-2a0745c6>Veve, a nonfungible token (NFT) marketplace with licensed digital collectibles, faced an exploit on Tuesday, resulting in millions of gems (in-<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a> tokens) being acquired illegally. The platform is quite popular among mainstream brands such as Marvel, Pixar, and Coca-Cola, that have chosen Veve as their official launch partner.<\/p>\n<p>In an official tweet published on Wednesday, Veve acknowledged the exploit on its platform and said that the attackers managed to acquire a \u201clarge amount\u201d of gems illegitimately. The app-based NFT platform has shut the marketplace along with the gems purchase option until the investigation is complete.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">As a result of this exploit, we have closed the Market, Gem purchases and transfers while we investigate. We will update you on the expected timing of Market opening as soon as we can.<\/p>\n<p>\u2014 VeVe | Digital Collectibles (@veve_official) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/veve_official\/status\/1506462178223616001?ref_src=twsrc%5Etfw\">March 23, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nGems are the VeVe in-app token that users use to exchange for collectibles during drops or in the Market. Early reports suggest that the exploiters behind the attack managed to mint millions of gems without having to pay for it by exploiting a bug in buying mechanism. One user wrote that their friend accidentally purchased gems using an expired credit card and the transaction went through.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">From what I heard someone was informed by their friend they accidentally purchased gems with an expired credit card and the transaction went through anyway. So it sounds more like an expired credit card exploit than stolen credit cards. No confirmation by Veve yet though.<\/p>\n<p>\u2014  \u2b55 Garlic Shrimp \u2b55   (@GARLICxSHRIMP) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/GARLICxSHRIMP\/status\/1506319537335148544?ref_src=twsrc%5Etfw\">March 22, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The platform has also restricted several user accounts that reportedly tried buying the cheap gems from fraudulent accounts. While the NFT platfrom didn\u2019t disclose the exact amount of gems that were exploited, a <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">Twitter<\/a> user has claimed the figure could be in millions and might be the biggest heist on the platform. Veve didn\u2019t respond to Cointelegraph\u2019s requests for comments at the time of publishing.<\/p>\n<p><strong><em>Related: Nifty <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a>: Wolf snaps up Punk, Disney NFTs, Economist mag cover fetches $422K&#8230;<\/em><\/strong><\/p>\n<p>The Twitter user also shared a timeline of events of the exploit where Veve first registered the largest 3-day buying of the in-app token gems, followed by a crash in the price of the token off app by half, falling from 0.5 to 0.25 and then the marketplace goes into maintenance.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Soooo&#8230;. <\/p>\n<p>apparently about 7M gems were fraudly purchased<\/p>\n<p>Multiple accounts that interacted with them are now disabled <\/p>\n<p>Veve will need to recover those gems and this will be their biggest exploit to date <\/p>\n<p>Users that purchased cheap gems off app will likely lose funds  <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/7YG3BBXjMe\">https:\/\/t.co\/7YG3BBXjMe<\/a><\/p>\n<p>\u2014 niftyswaps.eth \u2b55 (@niftyswaps) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/niftyswaps\/status\/1506462559893069826?ref_src=twsrc%5Etfw\">March 23, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The gem exploits on Veve also resulted in a massive decline in the price of the listed NFTs on the platform, where one user realized why their NFT value plunged by 80% within a week after Veve\u2019s official Twitter post.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/veve_official?ref_src=twsrc%5Etfw\">@veve_official<\/a> just saw your latest tweet, now I understand why my secret rare goofy dropped 80% in value from the ATH at Market in a matter of weeks and I panic sold it finally. Very unhappy! 1st BOTS and now Gem exploit???<\/p>\n<p>\u2014 joker_del_mar (@jai_sond) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/jai_sond\/status\/1506525526588022788?ref_src=twsrc%5Etfw\">March 23, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more News articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/marvel-nft-partner-veve-closes-its-marketplace-after-an-in-app-token-exploit\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; Marvel NFT partner Veve closes its marketplace after an in-app token exploit &#8220; Veve, a nonfungible token (NFT) marketplace with licensed digital collectibles, faced an exploit on Tuesday, resulting in millions of gems (in-app tokens) being acquired illegally. The platform is quite popular among mainstream brands such as Marvel, Pixar, and Coca-Cola, that have&#8230;<\/p>\n","protected":false},"author":1,"featured_media":420327,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDMvZDhjYjUzMTgtNmUxNS00MWNmLTgxNzAtMDVhNWYxYjU0NzhjLkpQRw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74882,95118,86389],"class_list":["post-420326","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-hacks","tag-nft","tag-marketplace"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/420326","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=420326"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/420326\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/420327"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=420326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=420326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=420326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}