Peeking inside the mind of a hacker who claims to have forged the BAYC NFT collection

Saif Naqvi
BAYC Hack
Source: Pixabay

Ever peeked inside the mind of a hacker? Taking egoistic pleasure to prove a point, some bad actors have strong intentions behind their endeavors. In a post shared on Medium by user Trevor Adcock, the hacker claimed to have been the mastermind behind a $4.5 Billion forge of Bored Ape Yacht Club NFTs. Here’s how he did it.

The hacker claims to have copied the entire collection of Bored Ape Yacht Club NFT by using two outlets – the image and the smart contract that tracks who owns the image. The hacker first copied the artwork for the NFTs a decentralized file storage system called IPFS and then forged the Ethereum smart contract to reflect the copied images.

The hacker then used a find and replace for “Bored Ape Yacht Club”, replaced it with “Stolen Ape Yacht Club”, and then deployed the smart contract on the Polygon network. In the next couple of minutes, 4 misguided users minted hundreds of these ‘forged’ apes for free.

“With about an hour of work, I had a complete technical copy (plus my small improvements) of the most lucrative NFT collection on the planet.”

The NFT punch-line?

A hacker’s motive would seem quite straightforward in hindsight. Use your technical skills to comprise a network and make away with stolen funds. However, some might argue that hackers have deep-rooted intentions for their actions. Talking about ownership – the hacker used his actions to discuss his opinion on what owning an NFT truly means.

The hacker argued that in reality, ownership of an NFT is a flawed concept and it is governed by a centralized United States Government which hands out Intellectual Property rights and by decentralized marketplaces like OpenSea which choose to list certain NFTs for sale. He further claimed that NFT sellers sell ‘exclusivity’ and those who buy do so to become part of a community.

Ending on a narcissistic rant, the hacker pleaded authorities to send a cease and desist letter, saying that have made it ‘super easy’ to warrant one. However, he argued that institutions ‘would effectively throw the gospel of decentralization out the window’ should they choose to do so.