- OpenSea NFT marketplace faces rumors of a hack.
- The company denied the rumor and instead said it was a phishing attack.
- The attacker has stolen $1.7 million ETH by phishing.
Leading NFT marketplace — OpenSea is being alleged that its platform has been hacked. However, in a series of tweets, OpenSea vehemently denied the rumors. Instead, the company’s CEO Devin Finzer said that it was a phishing attack.
In a Twitter post, OpenSea reassures its users that it was investigating the specific details of the phishing attack. They say that the attack does not appear to be email-based, rather, it is an isolated incident impacting a small number of people.
We are actively investigating rumors of an exploit associated with OpenSea related smart contracts. This appears to be a phishing attack originating outside of OpenSea’s website. Do not click links outside of https://t.co/3qvMZjxmDB.
— OpenSea (@opensea) February 20, 2022
The company claims that its attention was drawn to rumors that its codebase was breached and attackers stole over $200 million. Finzer said after an investigation, they discovered that the attacker holds $1.7 million Ethereum in his wallet by phishing.
However, Finzer did not disclose the value of stolen NFTs, but a Twitter user revealed that over
$200 million was lost already, to which Finzer replied it was a false claim. A Twitter netizen argued that OpenSea is lying. The user added that a “flaw in their code led to one of the largest NFT exploits in history’’.
Finzer also reported that around 32 users have signed a malicious payload from an attacker, and some of their NFTs are reported to have been stolen. However, the company was not aware of any phishing emails and commented that a fraudulent website might have intruded.
Finzer also said the attack does not appear to be active and the company could not see any malicious activities from the attacker’s account for a few hours. He also asked the users to be aware of misleading websites and ensure the website reads opensea.io on the web browser.
Moreover, a blockchain security company PeckShield that audits smart contracts also reported the alleged exploit was ‘’most likely phishing’’.
- "
- 7
- Account
- active
- activities
- already
- around
- being
- blockchain
- Blockchain security
- browser
- ceo
- claims
- code
- company
- contracts
- could
- DID
- discovered
- Display
- ETH
- ethereum
- Exploit
- faces
- hack
- HTTPS
- investigation
- IT
- Led
- marketplace
- million
- NFT
- NFTs
- OpenSea
- People
- phishing
- phishing attack
- platform
- Revealed
- Rumors
- Said
- security
- Series
- small
- smart
- Smart Contracts
- stole
- stolen
- users
- value
- Wallet
- web
- web browser
- Website
- websites