OpenSea, the world’s largest NFT marketplace, was hit by a phishing attack that saw NFT’s millions of dollars being stolen from their accounts.
- NFT marketplace OpenSea suffers a phishing attack.
- OpenSea is yet to figure out the magnitude of the cyberattack.
OpenSea, the world’s largest NFT marketplace, was hit by a phishing attack that saw NFT’s millions of dollars being stolen from their accounts.
The attack targeted a series of NFTs on OpenSea on Sunday, including some from the famous collections like Bored Ape Yacht Club, Mutant Ape Yacht Club, and others.
OpenSea Co-Founder and CEO Devin Finzer confirmed the phishing attack and added that 32 users had lost NFTs.
“Blockchain records show that the attacker was able to transfer numerous NFTs from different users to their address for free. Stolen NFTs included examples from the Bored Ape Yacht Club, Mutant Ape Yacht Club, and several other popular collections. The attacker has already sold some of the NFTs, for example, this NFT from the Azuki collection for 13.4 ETH ($36,380). The attacker’s wallet currently contains more than 600 ETH worth nearly $2 million,” reported Motherboard.
According to PeckShield, threat actors may have started a phishing campaign using the migration process as bait.
OpenSea is investigating rumours of an exploit associated with OpenSea related smart contracts that attackers may have exploited.
The attack was associated with the announcement of the marketplace of a new smart contract upgrade with a one-week deadline aimed at delisting inactive NFTs on the platform.
Users have to migrate their listed NFTs from the ETH blockchain to a new smart contract to upgrade the smart contract. However, affected users started reporting suspicious activities hours after the upgrade announcement.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?