Thursday, November 21, 2024

Nearly 35 million pesos in NFTs were stolen from OpenSea users in a phishing attack that they thought was an account verification

On Saturday afternoon, hundreds of NFTs were stolen from various users of the OpenSea platform. According to the blockchain security service PeckShield, 254 tokens were taken during the attack, from 32 users in total.

Some of the stolen items were tokens from Decentraland and the Bored Ape Yacht Club. According to estimates from the blog Web3 is Going Great, their value comes to over 1.7 million dollars, equivalent to about 34.5 million pesos at the current exchange rate.

According to CEO Devin Finzer on his Twitter account, the attack appears to have taken advantage of a flexibility in the Wyvern Protocol, the open-source standard underlying most NFT smart contracts, which is also used by OpenSea.

This is how they took advantage of the owners

According to a user who analyzed the theft, the attacker sent an email to thousands of platform users using the domain [email protected], a domain very similar to the one officially used by the service, to trick them into signing the contract on the pretext of preventing their “unverified” accounts from being suspended.

This is the purported email that users would have received

In this partial contract, a general authorization was granted with parts left blank. After obtaining the signatures of the original users, the attackers completed it with a link to their own contract, thus transferring ownership of the NFTs without any payment or commission.

This is equivalent to signing a blank check, which was then used to take their possessions.


OpenSea says its platform hasn’t been hacked

It is not yet clear exactly what method was used to get the victims to sign a half-empty contract, but Finzer noted that the attacks did not originate from the OpenSea website, its listing systems, or any corporate email.

For now, Finzer has asked via Twitter that anyone with information that could be useful send it to OpenSea support, and said that additional information will be shared as the attack is analyzed.

Now, on viewing the attacker's wallet, an alert is visible indicating a possible link to the theft, and token movements in and out on Sunday, February 20th, have been flagged as phishing transactions.

picture: Variety stock photos
