OpenSea, the world’s biggest marketplace for non-fungible tokens (NFTs), lost hundreds of digital collectibles in a phishing attack over the weekend. The incident has reportedly caused OpenSea losses worth $1.7 million (roughly Rs. 12.5 crore). The hacker(s) responsible for this attack are currently unknown, but an investigation has been launched into the case. The crypto industry has begun churning trillions of dollars in revenue, catching the attention of hackers and scammers. In recent times, several hack attacks on crypto firms and investors have made it under the light, including OpenSea.
The attacker(s) lured OpenSea users into digitally signing malicious messages via phishing emails or websites. Exact details are still unclear.
Devin Finzer, the co-founder and CEO of OpenSea, said that at least 32 of the platform’s users have fallen prey to this attack. Finzer has been updating people about fresh developments on the situation via Twitter.
We are not aware of any recent phishing emails that have been sent to users, but at this time we do not know which website was tricking users into maliciously signing messages.
— Devin Finzer (dfinzer.eth) (@dfinzer) February 20, 2022
Blockchain security firm PeckShield has also been following the incident closely while also monitoring developments.
PeckShield has been able to compile a list of 254 NFTs that were stolen in this attack.
The security firm also claims that privacy mixer tool Tornado Cash was used by the OpenSea hacker(s) to wash ETH 1,100. Tornado Cash can hide the final destination of the Ether tokens.
Meanwhile, OpenSea is reaching out to its affected users in order to assist them for the next steps.
Our leadership, engineering, and security teams are communicating with affected users to gather details. We continue to believe that this is a phishing attack that originated outside of https://t.co/3qvMZjxmDB. ↯
— OpenSea (@opensea) February 20, 2022
Nadav Hollander, the chief technology officer of OpenSea has also shared his notes on this attack on Twitter.
– None of the malicious orders were executed against the new (Wyvern 2.3) contract, indicating that they were signed before the migration and are unlikely to be related to OpenSea’s migration flow.
— Nadav Hollander (@NadavAHollander) February 20, 2022
Losses in crypto-related hacks exceeded $10 billion (roughly Rs. 73,885 crore) over the past year and now hackers want to keep coming back to the crypto sector for more.
Last year in August, hackers breached blockchain-based platform Poly Network and extracted more than $600 million (roughly Rs. 4,480 crore) in cryptocurrencies, marking DeFi’s biggest hack ever. DeFi stands for decentralised finance.
In February this year, crypto platform Wormhole Portal lost $322 million (roughly Rs. 2,410 crore) in a hack attack, making it the second largest breach to have hit the DeFi sector.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
