NFT News

OpenSea Hack Appears To Be Phishing Attack

The whole NFT community was shaken in the last week of February 2022 as a perceived phishing attack occurred in one of the world’s largest NFT marketplaces. People were in panic mode as over 254 tokens stolen were recorded in a spreadsheet by blockchain security, Peckshield, in a news release by The Verge.

Today, we take a deeper look into OpenSea and how it will impact the NFT space in general. If you’re new to the world of NFTs, you’re in the right place! Continue reading below to find out all the latest blockchain news and to be in the know in all things crypto. 

How Did the OpenSea Hack Happen?

Early on Saturday, February 19, 2022, 254 tokens were reportedly stolen within three hours which alerted the NFT community. It was estimated that almost USD200 million worth of NFTs were compromised and stolen, which was later cleared by Devin Finzer, CEO and Co-founder of OpenSea. 

The company investigated the attack even further and assured that it no longer appeared to be active. “We don’t believe it’s connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen,” Finzer adds in his Tweet

In some sources, the attack seemed to exploit a portion of the Wyvern Protocol, which happens to be an open-source standard that supports most NFT smart contracts, one of them being OpenSea. Finzer describes the attack as orchestrated in two parts: prospective victims signed a partial contract with general authorization and large portions were left blank. As soon as it is signed, hackers would then complete the contract with their own contract transferring ownership of the NFT sans payment.

What happens is that hacking victims sign a blank check that later is filled in by the hacker to seize their holdings.

OpenSea’s Official Word and of the Phishing Attack to the NFT space 

In a series of tweets by OpenSea’s CEO, Devin Finzer, it was said that the company conducted a thorough investigation into the incident. Finzer states, “As far as we can tell, this is a phishing attack. We don’t believe it’s connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen.”

Finzer later mentioned that the hackers scammed users by employing a phishing attack through malicious emails sent to its unknowing victims. They later had access to passwords and sensitive personal details used to get into their accounts. 

gmBlockchain’s Thoughts

While great strides are made to ensure the safety of users’ digital assets in the metaverse, hackers and scammers are becoming wiser in figuring out ways to circumvent security protocols online. This leaves users in a vulnerable position with their digital currencies and investments stored online.

That said, companies working in the NFT space must collaborate together with their users and other cybersecurity organizations in ensuring everyone’s digital safety. Users must also be vigilant, especially when transacting online—this includes safekeeping their personal and financial data to avoid scamming and data phishing.

As always, don’t forget to subscribe to gmBlockchain and get all the latest news and updates fresh from the crypto world!

Adrina

Adrina is a fitness and tech enthusiast currently exploring the wonders of blockchain development and NFTs. Between covering tech stories and the latest NFT drops, she enjoys working on her CrossFit journey.

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button