The world's largest digital marketplace for crypto collectibles and non-fungible tokens, OpenSea, announced that it is investigating a scam targeting users of its NFT platform.
OpenSea posted a tweet saying that it appears to be the target of a phishing attack originating outside of OpenSea's website.
We are actively investigating rumors of an exploit associated with OpenSea related smart contracts. This appears to be a phishing attack originating outside of OpenSea's website. Do not click links outside of https://t.co/3qvMZjxmDB.
— OpenSea (@opensea) February 20, 2022
Following the warning, the firm’s CEO Devin Finzer went on Twitter and said that the company is “not aware of any recent phishing emails that have been sent to users,” and suggested a fraudulent website may be to blame.
As far as we can tell, this is a phishing attack. We don’t believe it’s connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen.
— Devin Finzer (dfinzer.eth) (@dfinzer) February 20, 2022
According to reports, the hacker has stolen roughly $3 million in assets, which includes popular NFTs like Bored Apes, Azuki and CloneX.
On Saturday evening, Benzinga warned OpenSea users not to migrate their NFTs until further clarity.
URGENT WARNING: Reports of NFTs being stolen on OpenSea from users manually migrating their NFTs. DO NOT MIGRATE YOUR NFTs UNTIL FURTHER CLARITY!! (more info in this thread)
— Benzinga (@Benzinga) February 20, 2022
Dogecoin DOGE co-creator Billy Markus also sent a tweet about the incident.
apparently the new opensea contract migration is compromised and people are stealing NFTs or something?
— Shibetoshi Nakamoto (@BillyM2k) February 20, 2022
anyway that’s bad
On Twitter, the OpenDAO responded to OpenSea’s recent attack.
The OpenDAO’s response to the recent phishing attack on OpenSea:https://t.co/R6TAc00Rfv
— OpenDAO (@The_OpenDAO) February 20, 2022
Join our Twitter Spaces:https://t.co/TjtKHckf30 pic.twitter.com/gm9psJyE6z
Blockchain security company PeckShield said that the rumored exploit was “most likely phishing” – a malicious contract hidden in a disguised link.
The company cited that same mass email about the migration process as one of the possible sources of the link.
Also Read: Over 80% Of OpenSea's Free NFTs Are Fake, Spam Or Plagiarized
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Comments
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
