OpenSea Phishing Attack Affected 17 Users

  • The incident, which affected 17 users on OpenSea, is considered to be a phishing attack, as all malicious orders had valid signatures from the affected users.
  • The CTO of OpenSea also explained the attack had nothing to do with OpenSea’s smart contract upgrade, which began on Friday, as the orders were signed before the migration.

Major non-fungible token (NFT) marketplace OpenSea experienced an attack on Sunday in which 17 users of the platform had their NFTs stolen. The source of the attack is still unknown, the marketplace said on Twitter on 21 February.

The NFT platform began investigating the issue in the early hours of Sunday, when it received reports of an exploit “associated with OpenSea related smart contracts”. The CEO of OpenSea, Devin Finzer, took to Twitter shortly after the initial report, noting that the incident was a form of phishing attack, and that 32 users had been affected. Today the platform clarified that 32 users “interacted” with the attacker, and only 17 had their NFTs stolen. The platform tweeted:

The NFT marketplace further noted that the attacker no longer appears to be active, as there has been no activity on the malicious contract for over 15 hours. While the exact source of the attack is yet to be determined, OpenSea has claimed the attack originated “outside of OpenSea’s website”, and that all the transactions contained “valid signatures from affected users”.

Some users have also speculated that the attack could be connected to OpenSea’s smart contract upgrade that started on Friday, and requires all users to move their listings on Ethereum to the new OpenSea smart contract. The CTO of the company, Nadav Hollander, explained that this scenario was highly unlikely, as the malicious orders were executed against the new contract, indicating they “were signed before the migration”.
