Yuga Labs has completed an emergency white hat operation to recover 68 high value NFTs after a security vulnerability in Flooring Protocol exposed several blue chip collections to potential theft.
Key Takeaways
- Yuga Labs recovered 68 NFTs that were at risk due to a vulnerability in Flooring Protocol.
- The rescued assets included Bored Ape Yacht Club, CryptoPunks, Mutant Ape Yacht Club, Azuki, Doodles, Moonbirds, Elementals, Captains, and BAKC NFTs.
- The company used its GrailsOTC trading desk to provide the funds and NFTs needed for the recovery effort.
- Yuga Labs plans to work with Flooring Protocol developers before returning the recovered NFTs to their rightful owners.
What Happened?
Yuga Labs stepped in after security researchers identified a vulnerability in Flooring Protocol that could have allowed additional NFT pools to be drained. The company quickly launched a white hat recovery operation, securing dozens of valuable NFTs before another attacker could exploit the flaw.
According to Yuga Labs CEO Michael Figge and blockchain security lead 0xQuit, the rescued assets are now being held securely while discussions continue with Flooring Protocol developers on a path to return them to their original owners.
We’ve just finished a whitehat operation on an exploit discovered in Flooring Protocol.
— figge (@mfigge) June 8, 2026
Now safely in the custody of Yuga Labs:
29 bored apes
4 mutant apes
1 bakc
2 cryptopunks
1 azuki
2 elementals
26 captains
1 moonbird
2 doodles@0xQuit, our VP of Blockchain recovered the…
Yuga Labs Moves Quickly to Secure Exposed NFTs
The emergency recovery operation targeted NFTs that remained vulnerable after an earlier exploit impacted Flooring Protocol. Researchers discovered that while some pools had already been drained, several collections with higher value assets remained exposed because liquidity conditions had prevented attackers from reaching them during the initial exploit.
Once the risk was identified, Yuga Labs coordinated a rapid response. The company said its over the counter trading desk, GrailsOTC, supplied the capital and NFT inventory required to execute the rescue operation before malicious actors could take advantage of the vulnerability.
The recovered assets included:
- 29 Bored Ape Yacht Club NFTs
- 4 Mutant Ape Yacht Club NFTs
- 1 Bored Ape Kennel Club NFT
- 2 CryptoPunks
- 1 Azuki
- 2 Elementals
- 26 Captains
- 1 Moonbird
- 2 Doodles
According to Yuga Labs, the recovered collection represents more than $500,000 worth of NFTs.
Flooring Protocol Vulnerability Raises Security Concerns
The incident has renewed concerns about the security of NFT lending and fractionalization platforms.
Flooring Protocol allows users to unlock liquidity from NFTs through tokenized ownership structures. However, researchers found a flaw in the protocol’s ownership accounting system that created inconsistencies between ownership verification and internal record keeping.
According to 0xQuit, the bug could create what was described as ghost ownership, a situation where ownership checks appeared valid while the protocol’s accounting system recorded a different state. This mismatch could allow unsafe transfers and enable attackers to manipulate balances within the protocol.
A Flooring exploit today turned a dust amount of WETH into a near-infinite fpToken balance, allowing the attacker to drain Flooring pools.
— Quit (@0xQuit) June 8, 2026
This led to a followup opportunist scooping up tokens from the now depleted pools and exchanging them for underlying NFTs.
1/🧵
Researchers said the same category of flaw could potentially be used against additional NFT pools, creating an ongoing risk until a permanent fix is implemented.
Earlier Exploit Triggered Wider Investigation
The recovery effort followed a previous Flooring Protocol exploit in which an attacker reportedly transformed a small amount of wrapped ether into a massive fpToken balance. The exploit enabled pools to be drained and allowed opportunistic traders to acquire NFTs at steep discounts before selling them on secondary marketplaces.
Security firm SlowMist previously reported that exploits linked to Flooring Protocol resulted in approximately $8.43 million in losses during a period in December. Separate reports also suggested that NFTs worth roughly $1.5 million to $1.6 million were sold on Blur following earlier exploit activity.
The latest intervention by Yuga Labs may have prevented additional losses and helped avoid further pressure on floor prices across some of the NFT market’s most recognized collections.
Next Steps for Asset Recovery
Yuga Labs said the recovered NFTs will remain in secure custody while the company coordinates with Flooring Protocol developers on a technical recovery plan.
Michael Figge stated that potential solutions could include protocol level changes, contract updates, or other measures agreed upon with the development team. No final timeline for the return process has been announced.
The company also warned NFT holders not to deposit additional assets into Flooring Protocol until the vulnerability has been fully addressed.
Yuga Labs credited 0xQuit, CoffeeDev, GrailsOTC, and other contributors for helping identify the threat and execute the recovery operation.
CoinLaw’s Takeaway
In my experience, this story highlights how important proactive security teams have become in the NFT industry. While exploits continue to target increasingly complex protocols, the speed of Yuga Labs’ response likely prevented a much larger loss event.
I found the most important takeaway is not just the recovery of 68 NFTs, but the reminder that NFT financialization platforms can introduce risks that many users may not fully understand. As protocols become more sophisticated, security reviews and real time monitoring will become even more critical for protecting digital assets.
