NFT Marketplace Mintable has set a new standard for the NFT industry by locating three Azuki NFTS stolen during last week’s OpenSea Phishing attack. One former NFT owner is suing OpenSea for $1m as platform vulnerabilities leave NFT holders exposed to cybercrime.
Mintable, an NFT marketplace that tracked down NFTs stolen during a heist on rival OpenSea NFT marketplace is looking for their legitimate owners so it can reunite them.
According to a press release by Mintable, the team was acquiring Azuki NFTs on NFT marketplace LooksRare for its February Floor Buster flash sale when it found and purchased Azukis #1178, #4176, and #1180. Mintable purchased them for around $13.35 each, intending to return them to their previous owners.
All their net worth is tied up in their NFTs
In an announcement, Mintable said that it “would like to return them to their previous holders.” Since it identified the NFTs as part of a $1.75 million haul of NFTs stolen from OpenSea users on February 19, Mintable founder and CEO Zach Burks said on Twitter:
“This exploit was possible because of a bug on OpenSea. If OpenSea isn’t going to make it right, someone has to […] for some of these people, all their net worth is tied up in their NFTs, and it’s horrible to have them stolen […] we like the Azuki community, and we want to help give back to the people who lost over $140,000 through the exploit.”
Users had unwittingly “signed a malicious payload from an attacker
Leading NFT marketplace OpenSea experienced a Phishing attack last week where at least $1.75 million worth of NFTs was stolen. While the heist was originally described as an exploit, OpenSea CEO Devin Finzer later explained that the users were the victims of a phishing attack that “did not originate” from OpenSea. According to Finzer, the users had unwittingly “signed a malicious payload from an attacker, and some of their NFTs were stolen.”
The OpenSea NFT heist is not the first one targeting the marketplace; the firm has experienced numerous attacks and a surge in plagiarism and fake and spam NFTs. An aggrieved former owner of a Bored Ape Yacht Club NFT has filed a lawsuit against OpenSea and is demanding $ 1 million in compensation.
The bugs highlight the security risks in Web 3 apps
The plaintiff claims that OpenSea knew about the bug that enabled hackers to steal the NFTs but continued to operate instead of shutting down the platform to address the vulnerability. A bug on the OpenSea network allowed a hacker to steal $750,000 in ETH from the site, as users could list items at drastically lower prices.
Repeated attacks and loss of NFTs could jeopardize the position of OpenSea in the months to come. For OpenSea, addressing vulnerabilities will be business-critical. OpenSea trading activity reportedly took a hit in response to the phishing attack.
The bugs highlight the security risks in Web 3 apps because this tech is so new. OpenSea is the largest NFT marketplace, hosting most of the $31.4 billion in NFTs. Moreover, the entity behind it has a valuation of $13.3 billion after its most recent funding round.
Tom is a freelance writer with over 10-years’ experience in content creation, blog writing, and SEO specializing in the blockchain and cryptocurrency niche. As a philosophical figurehead, he believes that to make our world a better place, we must invest in incorruptible products and procedures, of which Bitcoin and other cryptocurrencies are leading examples.