OpenSea is the largest benchmark in the world of NFT’s, but this does not exempt them from theft and web attacks. Last weekend, the platform was the victim of a phishing attack that resulted in the theft of hundreds of non-fungible tokens, valued at $1.7 million. To do this, the cyber thieves only needed three hours.
The theft was announced by the co-founder and CEO of the platform, Devin Finzer through his Twitter account, who also revealed all the details of the theft. The first thing that Finzer explains is that a cyberattack from within the platform was ruled out, they were able to determine that it came from users other than OpenSea.
I know you’re all worried. We’re running an all hands on deck investigation, but I want to take a minute to share the facts as I see them:
— Devin Finzer (dfinzer.eth) (@dfinzer) February 20, 2022
“So, this is a phishing attack. We do not believe that it is related to the OpenSea website. It appears that, so far, 32 users have signed a malicious payload from an attacker and some of their NFTs have been stolen,” Finzer wrote in one of his tweets. However, the number of victims was later reduced to 17 users.
The CEO added that the phishing attack was no longer active as of Saturday night. Until then, in the three hours, 254 NFT’s were stolen, according to the PeckShield security service. Among the stolen tokens are some of the most valuable pieces such as Decentraland and Bored Ape Yacht Club.
It may interest you: The DIAN announces that cryptocurrencies will enter the income statement
Days before, on February 18, the platform asked users to migrate their assets to a new system called Wyvern 2.3, an open source standard. Apparently, the cybercriminals took this as an excuse to send the hook email, in which, when the user enters their data, the attackers gain access to their accounts. This was determined by a screenshots.
However, in the Twitter thread Finzer reports something different. The attackers would have sent the victims a partial contract, with a general authorization and plenty of blank spaces. With the signature, the attackers were able to transfer the NFTs. In short, cybercriminals tricked users into signing a “blank check.” However, the route by which the phishing attack was carried out is unknown.