World’s main NFT market acknowledged an assault however denied it had been hacked for $200 million value of NFTs.
OpenSea co-founder and CEO Devin Finzer confirmed this was a phishing assault and never a breach on its web site.
He mentioned that at the least 32 customers had been duped into clicking a malicious hyperlink.
Blockchain safety agency PeckShield mentioned the attacker managed to “wash” $2.9 million value of NFTs on the time of this replace.
OpenSea, the world’s largest NFT market, has mentioned its investigating a phishing assault that noticed attacker(s) steal non-fungible tokens (NFTs) from customers.
Whereas the platform’s co-founder and CEO Devin Finzer confirmed there had been an assault, he mentioned it was not a network-wide breach however a phishing assault. In keeping with Finzer, at the least 32 customers had misplaced their NFTs to the attacker.
The OpenSea chief mentioned that rumours of a $200 million hack on the main NFT market have been false.
“So far as we will inform, it is a phishing assault. We don’t consider it’s linked to the OpenSea web site. It seems 32 customers to this point have signed a malicious payload from an attacker, and a few of their NFTs have been stolen,” he famous on Saturday evening following stories of the assault.
Peckshield appeared to come back to the identical conclusion that the theft resulted from a phishing assault involving person e-mail addresses. The assault originated “outdoors of OpenSea’s web site,” the agency famous.
The “exploit” occurred as customers ‘migrated’ their NFT listings to a brand new sensible contract as notified by the OpenSea staff.
“Customers authorize[d] the “migration” as instructed within the phishing e-mail and the authorization sadly permits the hacker to steal the dear NFTs…,” Peckshied defined.
Finzer mentioned that the attacker had managed to promote a number of the stolen NFTs for ETH, amounting to about $1.7 million on the time.
An replace from blockchain safety and knowledge analytics agency Peckshield on Sunday morning confirmed the scammer had managed to scrub about 1,100 ETH, amounting to roughly $2.9 million.
The @opensea scammer simply made use of @TornadoCash to scrub 1,100 ETH…https://t.co/eQCopgqx43 pic.twitter.com/8KB6QxBC8P
— PeckShield Inc. (@peckshield) February 20, 2022
Among the many stolen NFTs traced to the attacker’s tackle have been items from Bored Ape Yacht Membership, Doodle, Cool Cats, and Azuki.
Comments are closed.