The NFT platform investigates reports that a hacker is stealing high-value NFTs from its users.
Another attack is threatening OpenSea users
Hackers are purportedly targeting high-value NFTs on the OpenSea marketplace. NFT holders worldwide were in an uproar when news surfaced that hackers are aggressively stealing NFTs and flipping them for a profit on OpenSea, the world’s largest NFT marketplace. This OpenSea assault occurred shortly after it was found that owing to a fault in the code. As a result, bad actors could steal NFTs using outdated quoted prices without the owner’s awareness. Even though OpenSea has not yet discovered the hack, the marketplace has issued a warning to its consumers by posting a statement on its website and Twitter.
NFTs from BAYC were stolen
Because all blockchain transactions are public, it is clear that the attacker moved several NFTs from different users to their addresses without paying for them. Some of these NFTs are members of the well-known Bored Ape Yacht Club and the Mutant Ape Yacht Club. The hacker also took an NFT from the Azuki collection and sold it for 13.4 ETH, or $36,000. The attacker still has roughly 600 ETH in his wallet, worth a whopping $2 million. The attacker is also behaving strangely, as evidenced by the return of several NFTs stolen from a single victim. However, among the stolen NFTs was a BAYC NFT, which the marketplace has blocked due to suspicious activities.
Users of Phishing Page Tricks
The most recent smart contract on OpenSea aims to address the issue of inactive listings, which allowed criminals to steal NFTs from collectors by paying a fraction of their previously posted value. Because of this bug, many NFT holders on the platform have unknowingly lost precious NFTs at a fraction of their current value. The marketplace is now requesting that customers switch to the new smart contract to solve this issue. However, it appears that users of this platform are still at risk since a new threat has emerged. A malicious agent is phishing users with a false page that appears to be produced for the smart contract update. Users who are oblivious to the distinction between the two are mindlessly following the bogus page, resulting in the loss of their information and important NFTs.