Yuga Labs Rescues $500K in NFTs as Bitget Recovers $32.3M in Anti-Scam Push

Crypto News

Yuga Labs executed an emergency white-hat operation this weekend, pulling 68 blockchain-based NFTs worth more than $500,000 out of harm's way before attackers could finish draining them. The rescued assets include 29 Bored Apes, four Mutant Apes, and two CryptoPunks, all now held in Yuga custody until they can be returned to their rightful owners. The collection became exposed after an exploit struck Flooring Protocol, an NFT liquidity venue. Yuga's intervention preserved some of the most valuable blue-chip lines on Ethereum, with the 29 Bored Apes alone accounting for roughly $441,000 of the recovered total.

The attack began with only a dust amount of Wrapped Ether and escalated through a flaw in the protocol's packed accounting logic. Flooring lets users lock NFTs in exchange for fungible fpTokens pegged one-to-one to deposits, functioning much like an automated market maker for illiquid collectibles. By crafting a malicious token ID, the attacker triggered what Yuga's blockchain lead described as a ghost ownership state, where verification checks passed while internal bookkeeping diverged. Two unchecked underflows then wrapped the balance to an enormous figure, collapsing fpToken prices toward zero and emptying the affected pools within minutes.

Researchers subsequently uncovered a second attack path that threatened higher-value pools holding flagship collections, vaults that had survived the first wave only because they carried thin liquidity. With Bored Ape floors near 8.95 ETH and CryptoPunks above 32 ETH, the potential losses were severe enough to justify a defensive counter-operation. Timing compounded the danger: the exploit landed over the weekend, when fewer security teams actively monitor on-chain activity. The episode underscores a recurring weakness in DeFi primitives, where accounting bugs in tokenized-asset wrappers can convert negligible capital into protocol-wide drains in a single transaction.

On the centralized side of the market, Bitget opened its Anti-Scam Month 2026 campaign under the theme "More Assets, Stronger Shield. Stay Safe in the Multi-Asset Era." The annual initiative arrives as exchanges broaden beyond pure crypto into wider multi-asset offerings, expanding both user access and the attack surface that comes with it. Chief Legal Officer Hon Ng framed security as a shared responsibility that scales alongside product growth, citing continuous risk monitoring, rapid response, and cross-industry cooperation. The launch coincided with the release of the platform's full-year 2025 protection results, intended to demonstrate measurable defensive outcomes rather than messaging alone.

Those figures point to an intensifying threat environment. Across 2025, Bitget reported intercepting more than 150 million malicious attack requests, flagging over 13,000 high-risk IP addresses, and handling 18,135 individual user protection cases. The platform said its security team helped users recover approximately $32.3 million tied to fraud and security incidents over the year. The data reflects how organized scam operations have shifted toward higher-volume, automated targeting, forcing exchanges to treat fraud prevention as a continuous operational function rather than a periodic compliance exercise tucked behind cold wallet custody arrangements.

Bitget also detailed the infrastructure behind those numbers, citing more than 2.8 billion interceptions through custom protection rules and over 1.5 billion mitigated DDoS attempts. The exchange expanded passkey authentication built on FIDO2 and WebAuthn standards, widened multi-factor coverage for high-risk actions, and added machine-learning behavioral analysis to surface emerging threats. Education featured heavily as well: anti-scam campaigns across 2024 and 2025 reached roughly 1.38 billion users, supported by an expanded Anti-Scam Hub, a public bug bounty program, and interactive efforts such as the Smarter Eyes Challenge designed to sharpen user awareness of evolving fraud tactics.

Taken together, these developments sketch the dominant security narrative of the current cycle: as value migrates across NFTs, tokenized liquidity, and multi-asset platforms, defenders are increasingly expected to act in real time rather than after the fact. Yuga's weekend counter-operation and Bitget's annual disclosure represent two faces of the same shift, white-hat intervention at the protocol layer and institutional-scale monitoring at the exchange layer. With attackers exploiting both code-level accounting flaws and human error, the industry's maturation is now being measured less by speculative upside and more by how quickly and transparently platforms can contain losses when systems fail.