Over 200 NFT’s Stolen After Phishing On OpenSea Users
Over 200 NFT’s Stolen After Phishing On OpenSea Users a few days ago.
NFTs is one of the latest technological trends that has raised many questions than answers.
Questions like what is it about? What can I sell? How can I buy NFTs? And many others.
However, many people don’t know that many other things like security issues are coming up despite this noise and questions.
A few days back, OpenSea users were hacked, and some of their NFTs were stolen.
According to some claims regarding the breach, 254 tokens were stolen under the attack, on which 32 users were attacked.
Also, the estimated value of the stolen token was more than $1.7 million.
They said that the attack took place around 5 pm to 8 pm on Saturday. And it was due to a loop in a smart contract that underlines the sales of NFT.
Explaining the attack, Devin Finzer, CEO of OpenSea User, says that it was divided into two parts.
In the first part, the people attacked didn’t sign a full contract, general authorisation, and they had a large portion of the contract left blank.
They had signed a blank check.
The second part is that the attackers completed the uncompleted contract in alignment with their contract.
Since the signature was there, the payment of the NFT would be made by the attackers.
And this way, they were able to transfer the ownership of NFT without making any payment.
Interestingly, OpenSea User was about updating its contract system before the attack.
Although claims point out that the new attack originated from their new contract, the company has denied this.
Asides, the details of the attack still need findings, especially the method used by the phishers on stealing the NFTs.
They need to find out things like how they could make users sign an incomplete agreement.
However, the company’s CEO released on his Twitter that the company is looking into the issue to ‘learn more about the exact nature of the Phishing attack.’
Although, he is still keen that the company not originate the security breach.
ALSO READ: Add Background Music To Your WhatsApp Status: Three Best Ways
OpenSea User is a platform that provides a simple interface for people to list, browse and bid on tokens without interacting directly with blockchains.
After recent funding round, the company was valued at $13 billion and has become one of the successful companies in the NFT space.
However, big things come with big problems. And security has been one of the biggest problems of the platform.
They have faced attacks on some old contracts, and some tokens have been poisoned to seize and steal users’ valuable possessions.
Implication for you reading
The amount of security breaches going around the world is very alarming.
And this is to say; many people are looking for the wrong and quickest way to hit it big.
We need to take all these warnings given by platforms to help secure the platform or account from experiencing Phishing.
Asides, many platforms are looking for more ways to secure their systems from hackers. Not too long, Google defaults users to two-time authentication factors.
You must be logged in to post a comment Login