OpenSea, the world’s largest NFT marketplace, has been hacked for 332 ETH, according to reports.
Peck Shield, a blockchain security business that aspires to improve the security, privacy, and usability of the whole blockchain ecosystem, announced this in a tweet.
The dollar sum comes to $780,200 at today’s market price of $2,350 per Ether.
“It appears that @opensea has a front-end problem, and the exploiter acquired roughly 332 Ether,” the tweet states. The hack’s Ether Scan transaction ID was included in the tweet.
Details of the hack
The hack was reportedly caused by a weakness in the front end of OpenSea, one of the world’s largest markets for Non-fungible Tokens (NFTs), which allowed users to acquire popular NFTs at their former listing price.
The exploiter appears to have purchased NFT items from the Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) at their previous listed price and then sold them for the current market price. BAYC #9991, BAYC #8924, and MAYC #4986 are among the NFTs that are affected.
A user dubbed ‘jpegdegenlove’ is suspected of profiting $332 Ether (ETH) ($780,000) by exploiting the present issue. OpenSea has been silent on the subject.
An earlier vulnerability on December 31st, 2021, saw a similar scenario, where a problem appears to occur from the transfer of assets from the OpenSea wallet to another wallet without canceling the listing.
What are they saying?
‘cap10bad,’ a Twitter user, detailed why the hack occurred in a Twitter trend. According to him;
- “1/ Recently there’s been an @opensea exploit that has allowed for assets to be purchased at greatly discounted prices, including 3 freshdrops passes, a BAYC, multiple MAYCs, and more. I did some research this morning and here’s what’s happening.
- “2/ If an OS user lists an NFT for sale and later decides they don’t want that listing to be active anymore, the OS will charge for delisting. This can be costly, especially if the price was lowered multiple times, so users have found a workaround -> transfer to another wallet.
- “3/ This effectively cancels the listing in OS and the user transfers the item back to the original wallet, no damage done right? Wrong.
- “4/ The item may not show the listing on OS, but it is in fact still active through OS’s API. The quickest way to view these old listings is on Rarible, which uses OS’s API to display and fulfill OS’s listings.
- “5/ The old, presumed canceled, listing displays as active on Rarible and are fulfillable. An example of my X-Punk next I created a listing on OS, transferred to another wallet, and back. No listing is shown on the OS. This is how it’s expected to work.
- “6/ However if you view the same asset on Rarible, you’ll see it’s listed for O.25 ETH, which is what I listed on an OS before transferring!
- “7/ OS has been notified about this bug, but nothing has been done about it yet. Please be careful out there and you might want to go check your assets on Rarible before it’s too late!”
The defect was allegedly flagged following the December 2021 occurrence, but the platform did nothing to resolve the problem, according to the user.
With OpenSea, the NFT market has been expanding, with monthly transaction volume in Ether (ETH) surpassing $3.5 billion for the first time ever last week. OpenSea has now eclipsed the all-time high of $3.42 billion achieved in August 2021, according to data from Dune Analytics, to record a new all-time high. Its trade volume is now estimated to be around $4.8 billion.