link.png

ID:

jay-pegs-automart-917

Date:

Status:

Incident Count:

September 16, 2021

Verified

1

info.png
target.png
REKT

Contributor:

chain.png

zerofriction.io

KYC By:

KYC:

None

info.png

Audit By:

Audits:

None

Loss Amount:

3,100,000

info.png

Recovered:

3,100,000

Rewards:

Currency:

USD, DONA

info.png

Key Indicators

Platform:

Type:

Category:

Method:

Data Sources:

Ethereum

NFTs

NFTs

Front-end Vulnerabilities

Extended Method:

Manipulation of Miso code

info.png

Days in Operation:

409

(1.12 Years)

chain.png
chain.png
chain.png
chain.png
datasource.png

Jay Pegs Auto Mart is a subsidiary of NGMI.Global, a group of creative crypto developers and entrepreneurs who have found a love for artistic hijinks and reliable used cars. The Auto Mart set up a sale of DONA tokens on SushiSwap’s new token sale platform, Miso, in order to do a fair sale of 9,800 ERC-20 tokens that are redeemable for NFTs of 2007 Kia Sedonas. Interested buyers will also have the option to redeem their NFT for an actual 2007 Kia Sedona.

However, the attacker managed to walk away with the entire proceeds of the DONA sale, 864.8 ETH, or roughly $3.1M at the time of the heist. The team had sold 9,800 DONA tokens to 1,363 participants. The current price for DONA is 0.088 ETH. The hacker (per REKT a contract developer) successfully a Github request in SushiSwap’s account had been merged that changed the destination address for the auction, allowing the hacker to modify Miso’s front end in order to redirect proceeds.

Due to the doxxing of the developer by the SushiSwap team, the funds were returned.

info.png

DISCLAIMER: While web3rekt has used the best efforts in aggregating and maintaining this database, this web site makes no representations or warranties with respect to the accuracy or completeness of its information and data herein, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose. 

Under no circumstances, shall web3rekt be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the data and information derived from this database.