Fraudulent Form Gasless Sales On OpenSea Made Users Lose Millions Of Dollars
Key Points:
- On December 23, Harpie issued a warning on a new hacking scheme involving gasless sales on the OpenSea market platform. The cyber security company claims that many customers lost millions of dollars worth of digital assets as a result of the scam tactic.
- Deeper investigations into the digital assets of the anti-theft company have shown that scammers have been stealing millions in cryptocurrency and NFTs by taking advantage of the OpenSea gasless platform’s vulnerability.
- Many users are drawn to execute gasless transactions within the OpenSea platform, which needs users to approve their signatures with an unintelligible message, claims the Harpie security firm.
NFT holders are at risk due to a new hack involving a feature on the NFT marketplace OpenSea through phishing websites.
On December 23, Harpie issued a warning on a new hacking scheme involving gasless sales on the OpenSea market platform. The cyber security company claims that many customers lost millions of dollars worth of digital assets as a result of the scam tactic.
Deeper investigations into the digital assets of the anti-theft company have shown that scammers have been stealing millions in cryptocurrency and NFTs by taking advantage of the OpenSea gasless platform’s vulnerability.
Many users are drawn to execute gasless transactions within the OpenSea platform, which needs users to approve their signatures with an unintelligible message, claims the Harpie security firm.
Additionally, users can construct private activities with unintelligible signatures using the OpenSea gasless functionality. As a result, con artists have begun requesting people to sign one of their illegible letters using this technology.
The login messages are signature requests to execute a private sale of the victim’s NFT to the con artist for 0 Ether, it’s important to note. Hackers are now able to siphon funds from the victim if they sign.
In addition to this fraud, the blockchain security firm CertiK recently warned the cryptocurrency community about a practice they call “ice phishing.” By using this exploit, con artists get Web3 users to sign permissions that give the attackers the right to use their tokens. The scam, according to CertiK, is specific to the Web3 industry and poses a serious threat.
As Coincu reported, on December 17, an analyst pointed out how a con artist allegedly stole 14 Bored Ape NFTs using the gasless Seaport signature feature. The hacker conducted extensive social engineering before leading the victim to a phony NFT site and having the holder sign a contract. The victim’s wallet was then stolen after that.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Website: coincu.com
Harold
Coincu News