• News

OpenSea NFT marketplace phishing exploit leads to theft from some user accounts

OpenSea users appear to have been victimized by a phishing exploit leading to the theft of NFTs on the marketplace.

Asif Khan

February 19, 2022 7:50 PM

2

Users of the OpenSea NFT marketplace have been victimized by an exploit of some sort. Some users are reporting NFTs being stolen, and many crypto commentators are unsure what exactly is going on. The company issued a statement on Twitter suggesting that phishing emails might be the cause.

We are actively investigating rumors of an exploit associated with OpenSea related smart contracts. This appears to be a phishing attack originating outside of OpenSea's website. Do not click links outside of https://t.co/3qvMZjxmDB.

— OpenSea (@opensea) February 20, 2022

OpenSea confirmed that the platform's smart contracts are the target of this attack, and it appears the attacker is using smart contract 0xa2c0946aD444DCCf990394C5cBe019a858A945bD to perpetrate this crime. According to Twitter user Jon_HQ, the smart contract is interacting with OpenSea's new exchange contract and then selling stolen NFTs to others to pull ethereum out. The thief's wallet currently holds over 640 ETH, amounting to $1.7 million. Jon_HQ strongly any users who interacted with the new OpenSea contract to revoke token approvals immediately.

Another prominent crypto Twitter user 0xfoobar believes the hacker is indeed taking advantage of a phishing attack launched several weeks ago, and is exploiting contracts right before all listings expire.

We now go to Dogecoin Cofounder Billy Markus for his take on the news:

anyhoo, i have no useful information or understanding of what is going on so i am a useless source of information, don’t listen to me

carry on panicking or doing nothing pic.twitter.com/AmTTtf9dbU

— Shibetoshi Nakamoto (@BillyM2k) February 20, 2022

Thanks, Billy!

— Jom Cromor the Rum Thief (@JomCromor) February 17, 2022

This isn't the first time the crypto space has been victimized by theft and hacking, with Crypto.com getting hit just last month. Many investors are paying close attention to the NFT space, and tonight's problems at the world's largest NFT marketplace is cause for concern, but it is entirely possible that users clicked a bad link in a well-crafted phishing email. Either way, tonight's incident highlights the challenges cryptocurrency markets and NFT marketplaces face as new entrants like the NYSE and GameStop prepare to enter the fight.

Calling it now.

The hacker used a standard phishing email copying the genuine #Opensea one sent out a few days ago, then got a number of people to sign permissions with WyvernExchange.

No exploit, just people not reading sign permissions as normal. pic.twitter.com/bQj5JCzp6B

— ℭ𝔶𝔭𝔥𝔯.Ξ𝔱𝔥 (@CyphrETH) February 20, 2022

The above tweet from CyphrETH appears to include a screenshot of the phishing email. It seems like some users may have accidentally signed a permission to the hackers. 

Developing...

This article is only meant for educational purposes, and should not be taken as investment advice. Please consider your own investment time horizon, risk tolerance, and consult with a financial advisor before acting on this information.

Asif Khan

CEO/EIC/EIEIO

Asif Khan is the CEO, EIC, and majority shareholder of Shacknews. He began his career in video game journalism as a freelancer in 2001 for Tendobox.com. Asif is a CPA and was formerly an investment adviser representative. After much success in his own personal investments, he retired from his day job in financial services and is currently focused on new private investments. His favorite PC game of all time is Duke Nukem 3D, and he is an unapologetic fan of most things Nintendo. Asif first frequented the Shack when it was sCary's Shugashack to find all things Quake. When he is not immersed in investments or gaming he is a purveyor of fine electronic music. Asif also has an irrational love of Cleveland sports.