OpenSea NFT marketplace phishing exploit leads to theft from some user accounts

OpenSea users appear to have been victimized by a phishing exploit leading to the theft of NFTs on the marketplace.


Users of the OpenSea NFT marketplace have been victimized by an exploit of some sort. Some users are reporting NFTs being stolen, and many crypto commentators are unsure what exactly is going on. The company issued a statement on Twitter suggesting that phishing emails might be the cause.

OpenSea confirmed that the platform's smart contracts are the target of this attack, and it appears the attacker is using smart contract 0xa2c0946aD444DCCf990394C5cBe019a858A945bD to perpetrate this crime. According to Twitter user Jon_HQ, the smart contract is interacting with OpenSea's new exchange contract and then selling stolen NFTs to others to pull ethereum out. The thief's wallet currently holds over 640 ETH, amounting to $1.7 million. Jon_HQ strongly any users who interacted with the new OpenSea contract to revoke token approvals immediately.

Another prominent crypto Twitter user 0xfoobar believes the hacker is indeed taking advantage of a phishing attack launched several weeks ago, and is exploiting contracts right before all listings expire.

We now go to Dogecoin Cofounder Billy Markus for his take on the news:

Thanks, Billy!

This isn't the first time the crypto space has been victimized by theft and hacking, with getting hit just last month. Many investors are paying close attention to the NFT space, and tonight's problems at the world's largest NFT marketplace is cause for concern, but it is entirely possible that users clicked a bad link in a well-crafted phishing email. Either way, tonight's incident highlights the challenges cryptocurrency markets and NFT marketplaces face as new entrants like the NYSE and GameStop prepare to enter the fight.

The above tweet from CyphrETH appears to include a screenshot of the phishing email. It seems like some users may have accidentally signed a permission to the hackers. 


This article is only meant for educational purposes, and should not be taken as investment advice. Please consider your own investment time horizon, risk tolerance, and consult with a financial advisor before acting on this information.


Asif Khan is the CEO, EIC, and majority shareholder of Shacknews. He began his career in video game journalism as a freelancer in 2001 for Asif is a CPA and was formerly an investment adviser representative. After much success in his own personal investments, he retired from his day job in financial services and is currently focused on new private investments. His favorite PC game of all time is Duke Nukem 3D, and he is an unapologetic fan of most things Nintendo. Asif first frequented the Shack when it was sCary's Shugashack to find all things Quake. When he is not immersed in investments or gaming he is a purveyor of fine electronic music. Asif also has an irrational love of Cleveland sports.

From The Chatty
Hello, Meet Lola