NFTs are also at risk of theft.
OpenSea is the great point of reference in the world of NFTbut that hasn’t stopped them from falling victim to a phishing attack in which hackers managed to obtain hundreds of tokens, worth more than 1.7 million dollars. A figure that could exceed $ 2.9 million if we take into account that the attackers have started selling the stolen NFTs in OpenSea.
This is the first cyber attack on a large NFT platform. Some blockchain-based tokens whose popularity has skyrocketed in recent years are not without problems and one of them is security.
As explained by the CEO of OpenSea, who is sharing many details about the incident, a “phishing attack” is being investigated which at the moment is no longer active. As initially described, there were 32 affected users, although this number has since been reduced to 17 users.
As far as we can tell, this is a phishing attack. We don? T believe it? S connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen.
– Devin Finzer (dfinzer.eth) (@dfinzer) February 20, 2022
The attack was produced by phishing, a technique in which a fake email is usually sent, making the user believe that it is an official action of the platform. When the data is entered, the hackers gain access to the account thus stealing the NFTs as well.
Devin Finzer, CEO of OpenSea, explained in detail what happened. The deceived users have signed a partial contract, with a general authorization. With that signature, the attackers concluded the contract with a call to their own contract, which transferred ownership of the NFTs without making any payments. In short, as described by the CEO of OpenSea, users have been tricked into signing a “blank check”.
Recently, users of Fractal, an NFT platform created by former Discord, also found themselves in a similar situation.
Source: Techspot
#OpenSea #hacker #group #steals #NFT #million