Leading NFT Platform OpenSea Target Of Phishing Attack, Hackers Burglarize NFT Contracts

OpenSea, the leading nonfungible token platform, was reportedly a target of a phishing attack as hackers burglarized NFT contracts.

The Feb. 19 hack came just as OpenSea was upgrading its system with a new smart contract, CoinTelegraph reported.

NFTs represent real-world objects such as art, music, in-game items and videos. They are often bought with cryptocurrency and generally encoded with the same underlying software as many cryptos. They are an increasingly popular way to buy and sell digital artwork.

OpenSea’s smart contract upgrade requires users to migrate their listed NFTs from the Ethereum blockchain to a new smart contract. With the upgrade, users who don’t migrate over from Ethereum risk losing their old, inactive NFT listings.

Soon after OpenSea’s upgrade announcement, it became the victim of an attack that targeted the soon-to-be-delisted NFTs, according to multiple sources.

It is rumored that NFTs worth more than $200 million were stolen, but according to the company, only $1.7 million worth of Ether has been stolen.

Attackers used phishing emails to steal the NFTs before they were migrated over OpenSea’s new smart contract, CoinTelegraph reported.

While OpenSea co-founder and CEO Devin Finzer did acknowledge the phishing attack, he said the “hack was never a hack; users fell for phishing scams,” Business Insider reported.

Listen to GHOGH with Jamarlin Martin | Episode 74: Jamarlin Martin Jamarlin returns for a new season of the GHOGH podcast to discuss Bitcoin, bubbles, and Biden. He talks about the risk factors for Bitcoin as an investment asset including origin risk, speculative market structure, regulatory, and environment. Are broader financial markets in a massive speculative bubble?

Finzer confirmed that 32 users had lost NFTs so far. Finzer asked affected users to reach out to the company. “If you are concerned and want to protect yourself, you can un-approve access to your NFT collection.”

OpenSea says it is still investigating the incident.

“As far as we can tell, this is a phishing attack. We don’t believe it’s connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen,” Finzer tweeted.

Photo Credit: Golden Sikorka/ iStock

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button