Flaw in the smart contract for Akutars NFTs locked up $34 million worth of ETH
There have been many incidents of breaches and exploits in the NFT world recently, but today's story is particularly interesting. The highly anticipated NFT project auction was disrupted by an attack and a smart contract glitch, leaving the team with $33 million that cannot be accessed.
However, the exploit was carried out by someone intending to expose a flaw in the project, not to steal funds through a hack.
Over the weekend, an exploit and a bug harmed the NFT project Akutars, resulting in the permanent locking of over 11,500 Ethereum (ETH) worth over $33 million within a smart contract, rendering it unreachable even to the development team.
Aku Dreams is a 3D avatar NFT collection based on the original character Aku by Micah Johnson, the Major League Baseball player. The character Aku is a young black boy who dreams of becoming an astronaut. The collection was inspired by a question posed by Johnson's nephew.
The first Aku NFTs were released on Nifty Gateway in February 2021, and they told the story of an imaginative boy with a space helmet across ten chapters. Aku's stellar debut was aided by a wave of support from the black crypto community, including leaders of Crypto for Black Economic Empowerment (CBEE).
Aku's portrayal challenges the idea that dreams are exclusive to certain social identities. Aku was optioned for TV and film less than two months after its debut. While the terms of the arrangement have not been made public, there were reports that Johnson has signed an option agreement with Anonymous Content, the studio behind Eternal Sunshine of the Spotless Mind, Spotlight, The Revenant, True Detective, Mr Robot, and a slew of other films. Aku was also chosen for a live Aku World event in Miami during Art Basel last December.
The Akutars project spans 15,000 Ethereum avatars with unique traits, with owners of earlier Aku NFTs granted a free avatar for each piece they held. The remaining 5,500 avatar NFTs went on sale via a Dutch Auction format on Friday, with prices starting at 3.5 ETH (about $10,350 at the time) and rapidly falling.
Now, what exactly transpired during the attack? Let's break it down:
As soon as the launch began, Hasan, a Twitter user, warned of a problem with the smart contract.
The suspected attack was then triggered by someone going by the handle USER221, halting both Ethereum withdrawals and refunds from the contract.
There came a note urging the developers to "please do bug bounty on your contracts or have them audited at least."
USER221 sent a separate note attached to an Ethereum transaction, saying they would effectively unlock the project.
The project started working again, but then a new bug appeared.
Creators said they would issue refunds this week and airdrop the NFTs to buyers using a new smart contract.
As described in 0xInuarashi's thread, the Aku developers' smart contract code fails to account for multiple NFT mints within the same transaction. The contract requires the numbers to line up properly before it allows withdrawals of any type.
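The accounting mismatch described above, as an added Python model (not the Akutars contract code; every name and amount is constructed). It assumes the withdrawal guard compares a refund counter that advances once per bid transaction against a total that advances once per NFT, and shows the corrected counter beside the flawed one:

```python
from dataclasses import dataclass


@dataclass
class Bid:
    bidder: str
    quantity: int  # NFTs minted in this single transaction
    paid: int      # amount paid, in whole constructed units


class AuctionModel:
    """Toy model of a Dutch-auction contract's refund and withdrawal accounting."""

    def __init__(self, final_price: int, count_units: bool):
        self.final_price = final_price
        self.count_units = count_units  # False = flawed counter, True = corrected
        self.bids: list[Bid] = []
        self.next_bid = 0         # index of the first bid not yet refunded
        self.total_units = 0      # grows by `quantity` on every bid
        self.refund_progress = 0  # compared against total_units before withdrawal
        self.balance = 0

    def bid(self, bidder: str, quantity: int, price: int) -> None:
        self.bids.append(Bid(bidder, quantity, quantity * price))
        self.total_units += quantity
        self.balance += quantity * price

    def process_refunds(self) -> None:
        """Return whatever each bid paid above the final price."""
        for b in self.bids[self.next_bid:]:
            self.balance -= b.paid - b.quantity * self.final_price
            # Flawed: one step per transaction. Corrected: one step per NFT.
            self.refund_progress += b.quantity if self.count_units else 1
        self.next_bid = len(self.bids)

    def claim_project_funds(self) -> int:
        if self.refund_progress < self.total_units:  # the withdrawal guard
            raise RuntimeError("refunds not complete")
        amount, self.balance = self.balance, 0
        return amount


def run(count_units: bool) -> tuple[str, int]:
    a = AuctionModel(final_price=2, count_units=count_units)
    a.bid("alice", 1, price=3)
    a.bid("bob", 3, price=3)   # several NFTs in one transaction
    a.bid("carol", 1, price=2)
    a.process_refunds()
    try:
        return ("withdrawn", a.claim_project_funds())
    except RuntimeError:
        return ("locked", a.balance)
```

In the flawed variant every refund is paid, yet the counter stops at 3 against a total of 5, so the guard can never pass and the remaining balance stays in the contract.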
Aku's developer team quickly responded on Twitter, taking responsibility for the code and saying that the bug "was not done maliciously" and that the individual "wanted to draw attention to recommended practices for highly public projects."
In addition, the business announced that pass holders would receive a refund of 0.5 Ethereum, and successful bidders would receive the NFT through an airdrop.
Crypto Exchange Injective Rolls Out BAYC Perpetuals Amid Heated NFT Market
Crypto derivatives exchange Injective Pro said on Thursday that it had listed perpetual contracts based on Bored Ape Yacht Club NFTs to make them more accessible to the general public. Injective Pro is the first major decentralized application built on the Injective blockchain that offers cross-chain margin trading, derivatives and forex futures trading, including perpetuals.
The exchange also boasted that their BAYC listing was the "first-ever" to deliver an NFT (non-fungible token) floor price perpetual to market.
Crypto perpetuals are a type of derivative arrangement that allows investors to buy or sell a digital asset for a certain amount at a future date. They are different from futures contracts because they allow a person to keep the contract indefinitely.
According to the project's floor pricing on marketplace OpenSea, the minimum price for a single Bored Ape NFT for immediate purchase is 127.7 ETH, or nearly $378,000.
The latest perpetuals from Injective Pro will attempt to decrease the entry hurdle by allowing retail investors to speculate on the floor price of NFT collections without having to hold the underlying asset.
"Just like NFTs, we believe that with an intuitive product and education on the true value of an NFT floor perpetual market, users will be able to benefit from this innovative technology without needing to know all the intricacies of how perps work," Injective CEO Eric Chen told Blockworks.
Users will be able to execute long or short positions of a particular NFT project starting at $1. This would allow more users to gain exposure to high-value assets or hedge against NFT market volatility, Injective said.
Animoca Brands 'Not Done Acquiring' Studios to Make NFT Games: Chairman
Animoca Brands not only invests in blockchain gaming and NFT firms, but it also distributes its NFT-powered games, such as The Sandbox, an Ethereum-based metaverse experience. Animoca, on the other hand, has been on a significant purchase spree. Animoca has acquired Eden Games, Darewise Entertainment, and Grease Monkey Games since the beginning of the year. And there's a chance there'll be more.
"We're not done acquiring...What we're looking to do is to acquire companies in different fields of gameplay in which we don't quite have the exposure." Animoca Brands founder and Executive Chairman Yat Si
Eden and Grease Monkey are also racing games, which fit nicely with Animoca's existing REVV token ecosystem, including REVV Racing on Polygon and MotoGP Ignition on Flow. Torque Drift 2, the upcoming game by Grease Monkey, will also be part of the REVV ecosystem.
Meanwhile, Darewise is a French business created in part by former Ubisoft developers, and its first project is Life Beyond. This massively multiplayer online role-playing game will use NFTs for in-game products. An NFT is a digital item's deed of ownership, and it can contain avatars, weapons, vehicles, apparel, and virtual land.
According to Siu, with NFT-powered games, Animoca might extend across dozens more genres. First-person shooters (FPS) and Japanese role-playing games (JRPGs) are two genres the company is considering. He also argued that moving away from a standard video game business model can be challenging. Rather than aiming for tens of millions of dollars in primary sales from a high-end title, blockchain games rely on a small percentage of a much bigger tally of secondary peer-to-peer transactions—potentially worth hundreds of millions or billions of dollars.