On Saturday, a hacker stole potentially hundreds of NFTs, worth a total of $1.7 million, from users of OpenSea, one of the largest NFT marketplaces on the internet. On Sunday, company officials tried to assure users that it was safe to mint, buy, list, and sell NFTs on OpenSea, although they maintained that an investigation was ongoing.
According to OpenSea's co-founder and CEO, the hacker tricked 32 victims into signing a malicious payload that allowed the attacker to transfer their NFTs for free. The company was confident that the attack was a phishing attack, but it did not know where the phishing took place. According to the company, the attack appears to have been carried out outside of OpenSea.
The migration to the new Wyvern smart contract system is expected to be completed by February 25.
The CEO ruled out OpenSea's website as the origin point of the attack. He said that interacting with an email from OpenSea was not a factor in the attack. Clicking on the site's banner, signing the new Wyvern smart contract, and using OpenSea's listing migration tool to move listings to the new Wyvern contract system were determined to be safe.
The company is working with users whose items were stolen to narrow down a set of common websites they interacted with that might have been responsible for the malicious signatures.