OpenSea Vulnerability Leads to Exploit of Numerous NFTs, Hacker Makes 150 ETH

article image

Arman Shirinyan

Another user takes advantage of a vulnerability on the platform

Contents

  • Digital robbery
  • Two vulnerabilities in one week

Another exploit on the biggest Ethereum NFT marketplace appears as OpenSea has reportedly been hacked. “Anonymous” has stolen numerous NFT pieces worth approximately 150 ETH and is currently selling them on another platform.

Digital robbery

According to WuBlockchain, 8 NFT pieces were stolen, including Cool Cat NFTs numbered #9575, #7218, #3537, #1546 and Bored Ape Yacht Club pieces #6623, #1397, #775 and #2068. As Nftgo tracker suggests, the holding value of the anonymous user is currently at $117,000.

The mentioned pieces are being sold on the LooksRare NFT marketplace that is often being presented as the main competitor of the OpenSea NFT platform that gives out rewards to both sellers and buyers.

Reportedly, OpenSea has prevented the anonymous hacker from selling on the platform by banning his address. The same procedure has been used after the anonymous hacker stole approximately $600 million from PolyNetwork. The wallet’s address with stolen funds was blacklisted by the majority of exchanges that had enough liquidity for realizing funds.

Two vulnerabilities in one week

Unfortunately for NFT holders, the current exploit was not the first issue the NFT platform had with hackers as an anonymous user stole approximately 347 ETH by buying NFT pieces listed on OpenSea for a significantly cheaper price.

The root of the exploit was covered in the platform’s API, which is used for third-party marketplaces that are willing to make profits off the fees.

In addition to the largest NFT marketplace having issues with security, previously implemented NFT profile pictures on Twitter can in fact be substituted by re-minting the same NFT out of the collection.

Source: https://u.today/opensea-vulnerability-leads-to-exploit-of-numerous-nfts-hacker-makes-150-eth