OpenSea Users Fell Victim to Phishing Attack, Losing Millions of Dollars Worth NFTs
Evening
So, worlds largest NFT marketplace OpenSea is investigating a phishing attack that resulted in hundreds of NFTs getting stolen. As per data compiled by the blockchain security service PeckShield over 254 NFTs were stolen, including Decentraland, Bored Ape Kennel Club
and Bored Ape Yacht Club NFTs.
The exact cost of all the stolen NFTs have not yet been ascertained, but the perpetrator have sold some NFTs worth $1.7 million of ETH so far. 32 users have been reported to lose their assets.
Devin Finzer, co-founder and CEO of OpenSea tweeted:
The smaller scale of the exploit backs the OpenSea claim that the hack is not connected to the platform and instead a phishing attempt that got successful.
Preliminary investigations revealed that the attacker exploited a flexibility on the Wyvern Protocol, the open source dex standard underlying most NFT smart contracts. The exploiter was able to get NFTs owners general authorization on a partial contract with many spaces left blank and once the hacker had the user signature he filled out the contract transferring NFTs ownership to their account without payment. Simply speaking hacker got the users to sign a blank check and once signed they filled out rest of the details.
The phishing attack happened at a meticulous timing, as on Friday OpenSea released a new smart contract asking their users to migrate to it. The victims may had received phishing emails posing to be official, asking them to sign a new contract that effectively resulted in them losing their assets.
Further investigations are underway, meanwhile OpenSea has urged their users to always use Official OpenSea website and to be on careful with fishy emails.
Posted Using LeoFinance Beta
Congratulations @xabi! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s):
Your next target is to reach 210000 upvotes.
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOPCheck out the last post from @hivebuzz:
Support the HiveBuzz project. Vote for our proposal!
Just NFTs were stolen? Nothing of value was lost then, I see, ha ha.
NFTs worth millions!
I will be celebrating once the NFT art bubble finally pops. NFTs have so many practical applications they could be using the tech for, such as ticket sales, cross-game items, real life memberships, proof of credentials, awards, etc. And yet those uses are like 0.001% of NFTs, instead we squander this technology on blurry jpegs of cartoon monkeys smoking to launder cash. It is embarrassing and reflects poorly on the crypto space, the same way that worthless shitcoins with cartoon dogs on them make the market look like a joke. The more money is lost, the better, it is the only way we will end this illogical nonsense.
This post has been manually curated by @bhattg from Indiaunited community. Join us on our Discord Server.
Do you know that you can earn a passive income by delegating your Leo power to @india-leo account? We share 100 % of the curation rewards with the delegators.
Please contribute to the community by upvoting this comment and posts made by @indiaunited.