Nifty News: Marketplace exploit on Smol Brains, NFT for trees, and Metaverse movies

cointelegraph.com:

Reports emerged on Mar. 3 of an exploit discovered on the TreasureDAO Marketplace NFT trading platform that allows a user to buy items at zero cost no matter the listing price or floor price of the collection.

Security specialist for Metamask and MyCrypo harry.eth tweeted on Mar. 3 around 1 am UTC, confirming that there is a flaw in the code on Marketplace which allows a user to purchase nonfungible tokens (NFTs) for 0 MAGIC. At least 28 Smol Brains and Smol Brains Land NFTs appear to have been taken using this exploit so far at the time of writing.

Yah, quantity here is 0... still emits all the data for block explorers and other sites to show a sell...There's no checks on buyItem() to ensure quantity > 0So price emitted is pricePerItem * 0 = 0 MAGICStill investigating... pic.twitter.com/c4u85iQO9C

The TreasureDAO team has not yet responded to a request to confirm or deny that there is an issue with the Marketplace.

MAGIC is the token used to make purchases on TreasureDAO’s Marketplace. The MAGIC price crashed 33% from $3.75 to $2.50 in an hour on Thursday but rebounded to about $3.25 according to CoinGecko. Both the decentralized autonomous organization (DAO) and Marketplace operate on the Arbitrum layer-2 Ethereum scaling solution.

The Smol Brains collection’s floor price is about 2,469.69 MAGIC ($8.100) as of the time of writing. However, the total losses so far may have hit nearly $1 million as most of the taken items were listed for much more than the floor price. The most valuable item taken so far was Smol Brains #5203, which was worth 15,000 MAGIC ($585,555) at the time it moved.

Trees for the Future is a nonprofit organization that uses donations to plant trees in Sub-Saharan Africa.

The thought to use NFTs emerged