Hours after OpenSea announced an upgrade to delist inactive Non-Fungible Tokens (NFTs) on its platform, some users were targeted through a phishing attack disguised as a legitimate email concerning the planned upgrade.
Per the original OpenSea update, the platform advised its customers to move their Ethereum-based NFTs to a new smart contract address, a move that would incur no gas fees. Users who do not complete the migration as instructed risk losing their old and inactive tokens. Drawing on this detail, PeckShield, a blockchain security and data analytics company, said, “Users authorize the ‘migration’ as instructed in the phishing email and the authorization, unfortunately, allows the hacker to steal the valuable NFTs.”
In a Twitter update, OpenSea’s Co-Founder and CEO, Devin Finzer, said the attacker’s address has remained inactive for the time being, adding that some of the stolen NFTs have been returned to their owners. In his own words:
“As far as we can tell, this is a phishing attack. We don’t believe it’s connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen… The attack doesn’t appear to be active at this point — we haven’t seen any malicious activity from the attacker’s account in 2 hours.”
OpenSea claimed that “some of the NFTs have been returned, but [we are] not aware of any recent phishing emails that have been sent to users, but at this time we do not know which website was tricking users into maliciously signing messages.”
OpenSea is the world’s largest marketplace for trading NFTs, and the platform has been the target of many malicious actors in recent times.
Earlier in January, the marketplace was hacked for 332 ETH, worth approximately $780 million at the time. While the platform is actively working to mitigate these risks, it also plans on hiring additional staff to relieve its overwhelmed employees. With the new capital and manpower, perhaps related exploits can be averted in the near future.