HomeNFTMetaversesOpenSea: a phishing attack has affected some users

OpenSea: a phishing attack has affected some users

Over the past few days, and in particular on Saturday 19 February, rumours have surfaced that the NFT platform OpenSea has been subject to a hacking attack. 

Last Saturday, some users reported that some NFTs from the Cool Cats and Doodle collection had been stolen, totaling 254 works.

So the platform’s co-founder, Devin Finzer intervened and stated that it would in fact be a phishing attack not directly targeting the platform.

“We don’t believe it’s connected to the OpenSea website”,

Finzer explained in his tweet on Sunday. Here’s the original:

Who was affected by the hack

Basically, the phishing attack allegedly affected 32 users who were robbed by the hackers. The attack apparently lasted about 3 hours (from 5 PM to 8 PM ET).

In particular, these are the addresses that seem to have been attacked and then robbed.

The address has now been reported and is marked on the EtherScan explorer as “Fake_Phishing5169”. It currently contains a balance of no less than 641 Ethereum, or 1.7 million dollars.

OpenSea phishing

Hacker attack steals NFTs, but it’s not OpenSea’s fault

According to some more detailed information, the attack appears to have exploited a flaw in the Wyvern protocol, an open source standard that underpins many smart contracts on NFT platforms.

The attack appears to have been structured in two phases: first, it affected a part of the contract with a general authorization and a lot of information left blank.

With the signature in place, the hackers then supplemented the smart contract with a direct call to their contract, which automatically transferred the NFTs without any payment even taking place. 

In essence, the wallets of the victims had signed a blank contract and, once signed, the attackers filled in the rest to steal the victims’ non-fungible tokens.

Amelia Tomasicchio
Amelia Tomasicchiohttps://cryptonomist.ch
As expert in digital marketing, Amelia began working in the fintech sector in 2014 after writing her thesis on Bitcoin technology. Previously author for several international crypto-related magazines and CMO at Eidoo. She is now the co-founder and editor-in-chief of The Cryptonomist, and also PR manager for the Italian market at Bitget. She is also a marketing teacher at Digital Coach in Milan and she published a book about NFTs for the Italian publishing house Mondadori, while she is also helping artists and company to entering in the sector. As advisor, Amelia is also involved in metaverse-related project such as The Nemesis and OVER.