Bug on OpenSea allows a hacker to sell old listings for 332 ETH

A recent report identified a bug in the OpenSea NFT marketplace. The vulnerability has enabled a threat actor to exploit users on the NFT marketplace by enabling them to buy some of the leading NFTs at previous prices.

Following this exploit, the hacker has managed to walk away with 332 Ether tokens valued at around $754,000.

Bug detected on OpenSea


Are you looking for fast-news, hot-tips and market analysis?

Sign-up for the Invezz newsletter, today.

The vulnerability was popular among some of the leading NFTs in the market, including the Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC). The hacker managed to buy these NFTs at low prices when they were first listed and later sold at high ongoing market prices.

The NFTs affected in this incident include BAYC #9991, BAYC #8924 and MAYC #4986. The hacker behind this exploit is a user on the marketplace under the name jpegdegenlove. OpenSea has not issued a statement regarding this bug.

Not the first incidence on OpenSea

This is not the first incidence on OpenSea. On December 31, a similar bug was detected in the platform. This bug was caused by transferring assets from the OpenSea wallet to another wallet. This transfer was done without the listing being cancelled on the marketplace.

A post on Twitter stated that when users list their assets on OpenSea and decide to cancel the listing, they are usually charged a high fee, and the asset’s value drops significantly. However, users that want to cancel their listings have found a way to avoid this fee.

A user can transfer the asset they want to cancel into a different wallet. This will automatically remove the listing from OpenSea. However, the asset will remain on the marketplace using the OpenSea API.

The bug preventing transferred assets from being delisted from the marketplace was detected in December, but the marketplace is yet to issue any patches. The boom in non-fungible tokens has attracted many users to the sector, and the number of scams could soon rise as hackers seek to take advantage of the new slot of buyers wanting to join the craze.

Invest in crypto, stocks, ETFs & more in minutes with our preferred broker,

eToro






10/10

67% of retail CFD accounts lose money

Source: https://invezz.com/news/2022/01/24/bug-on-opensea-allows-a-hacker-to-sell-old-listings-for-332-eth/