Stock Groups

What you need to know By BTC Peers

February 21, 2022February 21, 2022 by Mike Robinson

[ad_1]

OpenSea’s phishing attack: What you need to know

After reports of a massive phishing attack on OpenSea’s NFT marketplace, NFT communities were set ablaze over the weekend. OpenSea claims that while earlier reports suggested that an attacker stole more than $200 million from the NFT marketplace, OpenSea confirmed that 17 people were actually affected. The net loss to victims is estimated at $1.7 million.

The latest attack coincided with OpenSea’s recent smart contract upgrade. NFT’s largest marketplace stated that Friday was the launch date for a new smart contract. It required users to migrate their listings prior to February 25.

You can now sign the new contract! Start migrating your listings now: https://t.co/W1w9ciCK2D

— OpenSea (@opensea) February 18, 2022

The hacker used the upgrade to convince users to migrate their NFTs into his wallet using legit-looking Phishing emails.

PeckShield created a spreadsheet that shows the attacker took 254 NFTs, some Bored Ape Yacht Club NFTs, and escaped with the rest. Although OpenSea estimates that around $1.7 million worth of NFTs was stolen, PeckShield’s list puts the cumulative worth at around $3 million. Jelilat from Dune Analytics claims that the 37 Azukis stole the most NFTs during the attack.

Here is the list of NFTs stolen in @opensea phishing incidenthttps://t.co/s9OmiJu2m3 pic.twitter.com/xE1tFJnDMK

— PeckShieldAlert (@PeckShieldAlert) February 20, 2022

It appears that the OpenSea platform did not suffer from the phishing attacks. By authorizing “migration” as instructed in the phishing email, users were basically signing the transactions to steal their NFTs.

Via phishing emails, victims were directed by the attackers to a fake site. The attacker then gained control of their NFTs by signing approvals at Wyvern Exchange. In a blog post, the OpenDAO explained:

An attacker may have used users to their advantage by requiring them to sign a fake signature in order to authorise a private sales. [their] NFT at 0 ETH to the attacker’s wallet. It is unfortunate that no one ever sees the documents they have signed.

Continue reading on BTC Peers

Disclaimer: Fusion MediaThis website does not provide accurate and current data. CFDs include stocks, indexes and futures. Prices are provided not by the exchanges. Market makers provide them. Therefore, prices can be inaccurate and differ from actual market prices. These prices should not be used for trading. Fusion Media does not accept any liability for trade losses you may incur due to the use of these data.

Fusion MediaFusion Media and anyone associated with it will not assume any responsibility for losses or damages arising from the use of this information. This includes data including charts and buy/sell signal signals. Trading the financial markets is one of most risky investment options. Please make sure you are fully aware about the costs and risks involved.

[ad_2]

Post navigation

Ukrainian soldiers report intensified front-line shelling, fear ‘provocations’ -Breaking
Biden has started interviews for Supreme Court pick