After being tricked in a cyber fraud, dozens of NFT owners have lost $1.7 million in digital art.
Criminals targeted users of the online NFT platform OpenSea, using the phishing tactic to get the owners to sign over the digital assets.
PeckShield, a blockchain security business, reported a 253 tokens taken over in the course of three hours on Saturday evening, affecting 32 different OpenSea users.
Tokens from the metaverse marketplace Decentraland and the Bored Ape Yacht Club were among the NFTs stolen.
The phishing assault appears to have taken use of the Wyvern Protocol, a smart contract standard that saw victims sign a blank cheque for the perpetrators.
Although phishing is one of the oldest types of cyber attacks, security experts warn that it is continually developing and growing more sophisticated.
“Criminals are becoming smarter, but older, proven attack paths can still yield results,” David Mahdi, chief security officer of cyber security firm Sectigo said.
“It’s no longer enough to be aware of bluntly phrased emails when it comes to phishing attacks; recipients must also examine context, content, and sender, especially if financial transactions are involved.”
Although OpenSea is still investigating the incident, it has denied that its platform was ever breached.
“The attack did not originate on opensea.io,” Devin Finzer, the NFT platform’s CEO and co-founder, tweeted.
Hackers use phishing attacks to trick unsuspecting users into disclosing personal information or installing malware that would harm them further. To keep protected from such deadly attacks;
- users should be more cautious about the links they open from emails or direct social media communications;
- if your Chrome, Edge, or Safari browsers warn you that a website isn’t safe, don’t go there;
- set up a solid firewall;
- installing programs from unknown sources is not a good idea;
- antivirus software should be used;
- keep your personal information (passwords, etc.) secure; and
- when perusing the internet, avoid clicking on pop-up advertising.
OpenSea is a digital marketplace dedicated to non-fungible token trading (NFTs). Images, artwork, songs, and a variety of other items can all be traded as NFTs.
NFTs are electronic proofs of ownership for digital assets that are kept on the Blockchain. Anything can be an NFT if it is sold and its “certificate of ownership” is maintained on the Blockchain. The majority of people today associate NFTs solely with artworks! While artwork is not the only type of NFT that may be sold on OpenSea, it is one of the most popular.
Ethereum (ETH) is the most popular method of trade on OpenSea, however other cryptocurrencies are also accepted. On OpenSea, several items are worth millions of dollars, such as the $69.3 million Beeple NFT artwork. As a result, it’s clear that these hackers were aiming high, as the phishing effort resulted in the theft of $1.7 million in NFTs from a variety of users.