Friday, July 1, 2022
About us | Contact
Blockzeit
  • bitcoinBitcoin(BTC)$19,285.320.09%
  • ethereumEthereum(ETH)$1,050.841.55%
  • binancecoinBNB(BNB)$217.362.96%
  • SolanaSolana(SOL)$32.280.44%
  • dogecoinDogecoin(DOGE)$0.0650470.55%
  • Home
    • Business
    • Politics
  • Markets
  • Investing
  • Technology
  • Trends
  • NFTs
    • Metaverse
  • Education
    • Glossary
    • Buy Crypto
      • Buy Cardano
  • Events
    • Metaverse Events
No Result
View All Result
  • EnglishEnglish
    • EnglishEnglish
    • DeutschDeutsch
    • PortuguêsPortuguês
  • Home
    • Business
    • Politics
  • Markets
  • Investing
  • Technology
  • Trends
  • NFTs
    • Metaverse
  • Education
    • Glossary
    • Buy Crypto
      • Buy Cardano
  • Events
    • Metaverse Events
No Result
View All Result
Blockzeit
No Result
View All Result
Home NFTs
hack 5332845 960 720

hack 5332845 960 720

Hacker Steals NFTs worth $1.7 Million in Phishing Attack Targeting OpenSea Users

Tom Nyarunda by Tom Nyarunda
February 21, 2022
in NFTs
Reading Time: 3 mins read
0
Share on FacebookShare on TwitterShare on LinkedinShare via WhatsappShare via Email

OpenSea says 32 users lost up to 254 tokens over at least three hours last Saturday when the hacker was on the loose. The damage is estimated at $1.7 million.

A hacker who carried out a phishing attack caused late-night panic among OpenSea users after stealing NFTs worth over $1.7 million. Company officials from the world’s largest NFT marketplace made great efforts on Sunday to reassure users that it was safe to mint, buy, list, and sell NFTs on OpenSea. However, they maintained that an investigation was ongoing.

According to a tweet by OpenSea co-founder and CEO Devein Finzer, the hacker attempted to trick 32 users into signing a malicious payload that authorized the transfer of their NFTs for free to the attacker. Finzer, who said he didn’t yet know where the attack occurred, affirmed that OpenSea was confident they were dealing with a phishing attack outside OpenSea. He stated: 

As far as we can tell, this is a phishing attack. We don’t believe it’s connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen.

— Devin Finzer (dfinzer.eth) (@dfinzer) February 20, 2022

“We have confidence that this was a phishing attack […]; we don’t know where the phishing occurred, but we’ve been able to rule out a number of things based on our conversations with the 32 affected users.”

Persuaded to sign a malicious contract

The attacker sent what looked like official emails from OpenSea to the affected users asking them to transfer their Ethereum listings to a new smart contract. According to a spreadsheet compiled by Blockchain security service PeckShield, the stolen NFTs are tokens from the Bored Ape Yacht Club and Azuki collections. One estimate by Molly White, the creator of the Web3 is Going Great blog, pegged the haul at 641 Ethereum. 

Though unconfirmed, the @opensea hack is most likely phishing. Users authorize the "migration" as instructed in the phishing email and the authorization unfortunately allows the hacker to steal the valuable NFTs… pic.twitter.com/Fj5d9ImC2r

— PeckShield Inc. (@peckshield) February 20, 2022

What must have added to the confusion was the fact that OpenSea was actually in the process of asking users to transfer their NFTs from the Ethereum blockchain to a new smart contract, making the emails seem to be legitimate. As soon as the affected users clicked the email, they were persuaded to sign a malicious contract that allowed the attacker to take their NFTs and flip them, according to a site called “Web3 is going just great.

Victims had signed the malicious orders before OpenSea carried out its migration

OpenSea’s chief technology officer Nadav Hollander provided a technical rundown of the attack on Sunday. He dismissed the possibility that the attack was linked to the migration to the new Wyvern contract system. He said that the victims had signed the malicious orders before OpenSea carried out its migration and “are unlikely to be related to OpenSea’s migration flow.” Hollander explained: 

“32 users had NFTs stolen over a relatively short time period. This is extremely unfortunate, but suggests a targeted attack as opposed to a systemic issue […] we are actively helping affected users and discussing ways to provide them additional assistance.”

The company recently raised $300 million in new funding on a valuation of $13.3 billion on Jan. 4. It was noted that the valuation was remarkable and reflective of the mania surrounding NFTs. It’s not surprising that hackers would target web3 and NFT holders on the OpenSea marketplace, given the surge in the popularity of NFTs and the OpenSea marketplace.

1a49ddd7 d169 48a0 a252 3fc3a2ad01bb 1
Tom Nyarunda

Tom is a freelance writer with over 10-years’ experience in content creation, blog writing, and SEO specializing in the blockchain and cryptocurrency niche. As a philosophical figurehead, he believes that to make our world a better place, we must invest in incorruptible products and procedures, of which Bitcoin and other cryptocurrencies are leading examples.

Previous Post

What Is NFT Staking?

Next Post

Pocket Network Becomes Primary Infra Provider To Fuse’s DeFi Blockchain

Related Posts

Arbitrum Odyssey

Arbitrum Odyssey: How to Participate and Earn 17 Exclusive NFTs for Free

by Vincent Munene
June 24, 2022
0

Arbitrum is a layer-2 blockchain that Offchain Labs built. Following Optimism's footsteps, Arbitrum might be conducting their airdrop soon. The...

NFT

Top 5 Blockchains for NFT Development

by Jay Speakman
June 23, 2022
0

NFTs, like all blockchain technology, can be used for a variety of practical purposes, including, gaming, document authentication, ticket scalping...

social media nft

The Role of Social Media in the Sale of NFTs

by Jay Speakman
June 21, 2022
0

Social media has a vital role in determining the popularity of assets and the NFT market is replete with examples...

Load More

Get updates to your inbox!

Subscribe to our mailing list to receive daily updates!

FOLLoW US:

Blockzeit Logo 10 1

Blockzeit was founded in 2021 in Switzerland with the mission of bridging the gap between the complex blockchain technology and the general public. Blockzeit is a news and education platform that aims to make blockchain more accessible and bring more transparency to the scene.

Popular Categories

Categories
  • Bitcoin News
  • Business
  • Buy Crypto
  • Education
  • Investing
  • Markets
  • Metaverse
  • NFTs
  • Politics
  • Press Release
  • Switzerland
  • Technology
  • Trends

Important Links

  • Privacy Policy
  • Disclaimer
  • About us
  • Contact us
  • Blockchain Jobs
  • Events

Contact & Social

For guest posts, contact us via info@blockzeit.com

 

Contact: info@blockzeit.com
Press: press@blockzeit.com

Facebook Twitter Linkedin Instagram
  • Home
  • Markets
  • Investing
  • Technology
  • Trends
  • NFTs
  • Education
  • Events
© Copyright by Blockzeit.com. All rights reserved.

Disclaimer

No Result
View All Result
  • Home
    • Business
    • Politics
  • Markets
  • Investing
  • Technology
  • Trends
  • NFTs
    • Metaverse
  • Education
    • Glossary
    • Buy Crypto
      • Buy Cardano
  • Events
    • Metaverse Events
  • DeutschDeutsch
  • PortuguêsPortuguês

© 2021 Blockzeit by Blockzeit.