On Saturday afternoon, hundreds of NFTs were stolen from various users of the OpenSea platform. According to the blockchain security service PeckShield, 254 tokens were taken from 32 users in total during the attack.
Some of the tokens belonged to Decentraland and Bored Ape Yacht Club, and according to estimates by the blog Web3 Is Going Great their value comes to over 1.7 million dollars, equivalent to about 34.5 million pesos at the current exchange rate.
According to CEO Devin Finzer on his Twitter account, the attack appears to have taken advantage of the flexibility of the Wyvern protocol, the open-source standard in most NFT smart contracts, which is also used by OpenSea.
This is how they took advantage of the owners
According to a Twitter user who analyzed the theft, the attacker sent an email to thousands of platform users using the domain [email protected], a domain very similar to the one officially used by the service, to trick them into signing a contract under the pretext of preventing their “unverified” accounts from being suspended.
This partial contract granted a general authorization with parts left blank. After obtaining the signatures of the original users, the attackers completed it with a link to their own contract, thus transferring ownership of the NFTs without any payment or commission.
This is equivalent to signing a blank check, which was then used to take the victims' possessions.
OpenSea says its platform hasn’t been hacked
It is not yet clear exactly what method was used to get the victims to sign a half-empty contract, but Finzer noted that the attacks did not originate from the OpenSea website, its listing systems, or any corporate email.
As far as we can tell, this is a phishing attack. We do not believe it is connected to the OpenSea website. So far 32 users seem to have fallen for a malicious payload from an attacker, and some of their NFT items have been stolen.
– Devin Finzer (@dfinzer.eth) (@dfinzer) February 20 2022
Finzer has asked via Twitter that anyone with information that could be useful send it to OpenSea support, and said that additional information will be shared as the attack is analyzed.
Now, on viewing the attacker's wallet, an alert is visible indicating a possible link to the theft, along with tokens moving in and out on Sunday, February 20th, which were flagged as phishing transactions.