Developer dupes Milady NFT ecosystem, escapes with $1 million in platform fees

Milady Maker, a non-fungible token collection on Ethereum blockchain, was on the cusp of becoming a cultural phenomenon in May this year. After receiving a vote of confidence by Tesla CEO Elon Musk, the prices of Milady NFTs soared by as much as 60%, and the community around it began growing.

However, recent developments could dampen confidence of Milady NFT holders. A developer is said to have duped the Milady ecosystem, running away with $1 million in fees. What’s more, the attacker also seized control of Twitter accounts of Milady, Remilia Baby and the Remilia.

The development came to light on September 11, 2023, when Charlotte Fang, co-founder of the Milady Maker NFT revealed on X – formerly Twitter – that a developer in the Milady ecosystem siphoned about $1 million in generated fees from Remilia Corporation.

The developer reportedly exploited a flaw in the way that the Milady project’s fee mechanism was set up. The mechanism allowed developers to claim fees for certain types of transactions, but the exploit allowed a developer to claim fees for transactions that they had not actually created.

Notably, the Milady Maker NFT is the brainchild of Remilia – a decentralized autonomous organization. According to Fang, the attacker managed to compromise Remilia’s revenue via Bonkler, its experimental art project introduced in April this year.

While the Milady ecosystem suffered losses to the tune of $1 million, Fang assured NFT holders that the “Bonkler reserves, main contract, and NFTs” remained protected, stressing that Remilia’s reserves were “unaffected” and user assets were “perfectly safe.”

In the wake of the attack, Bonkler’s daily mint was temporarily halted, with plans underway to revive in a future upgrade. Meanwhile, all Remilia NFTs, metadata and domains were safe, as per the announcement by Fang.

Fang said that the project is not only working to recover the lost funds, but also taking steps to prevent future exploits. They also said that the project is offering a reward of 10,000 Milady NFTs to anyone who helps to identify the developer responsible for the exploit.

The Milady NFTs is latest in the string of NFT collections that have been hacked or exploited in recent memory. Last year, a crypto scammer hacked Bored Ape Yacht Club’s Discord server, stealing  $360,000 worth of NFTs. 

In August 2023, the Federal Bureau of Investigation (FBI) sounded alarm bells over the rise of nefarious actors infiltrating the burgeoning NFT market. The agency’s stark warning came on the heels of a Todayq News report that revealed that NFTs worth a staggering $16.2 million were stolen in February this year.