BTC

$57830.697

1.60%

ETH

$2935.835

3.50%

BNB

$552.304

2.22%

XRP

$0.514

6.60%

Scam Alert

New NFT Phishing Scam Using The OpenSea Proxy To Upgrade The Interface

May 16, 2023 - Around 3 mins mins to read

Key Points:

  • A new type of phishing scam to steal NFT assets appeared on OpenSea.
  • When a user creates an account on the platform, it will create a proxy contract and let the user authorize their NFT to the proxy contract.
On May 16, the visual analysis tool MetaSleuth tweeted that it had detected a new type of phishing scam to steal NFT assets on the NFT marketplace OpenSea.
New NFT Phishing Scam Using The OpenSea Proxy To Upgrade The Interface

Because when a user creates an account in OpenSea, the platform will create a proxy contract and let the user authorize their NFT to the proxy contract. Based on this feature, the scam would have the victim sign an upgradeTo() function that changes the OpenSea agent to its contract. After changing the implementation, the attacker can easily call multicall() and exhaust every approved NFT.

BlockSec added that the scam exploited the proxy upgrade interface of the OpenSea protocol.

According to MetaSleuth, it’s only working on the old Opensea protocol and surprisingly that there are still newly created accounts using this old protocol.

NFT platforms are becoming one of the favorites of scammers.

On Monday, May 15, the US Secret Service San Francisco Field Office and the Bay Area Regional Enforcement Allied Computer Team (REACT) sponsored an Ask Me Anything (AMA) on Reddit. The REACT team, according to its article, focuses on keeping cryptocurrencies and its users secure in San Francisco. The team is made up of both analysts and special agents.

One Reddit user joked that the US Secret Service might explore creating its own token or memecoin. The USSS and REACT approached the AMA with levity. According to the USSS, it designed and coined its own NFT series, which is still accessible on OpenSea.

Over the last six months, OpenSea has been caught between a rock and a hard place. At the moment, its first true competition — Blur, the NFT marketplace and aggregator — emerged, siphoning off the bulk of trade volume from the formerly unassailable lord of the NFT seas. The biggest NFT marketplace, OpenSea Pro (OS Pro), has finally reacted to Blur’s invasion of its previously controlled domain. It’s a huge breakthrough that touches on a number of contentious topics in the industry.

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Harold

Coincu News

Blur

OpenSea

React

Reddit

Scam

Avatar of Harold

Author

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.
Scam Alert

New NFT Phishing Scam Using The OpenSea Proxy To Upgrade The Interface

Key Points:

  • A new type of phishing scam to steal NFT assets appeared on OpenSea.
  • When a user creates an account on the platform, it will create a proxy contract and let the user authorize their NFT to the proxy contract.
On May 16, the visual analysis tool MetaSleuth tweeted that it had detected a new type of phishing scam to steal NFT assets on the NFT marketplace OpenSea.
New NFT Phishing Scam Using The OpenSea Proxy To Upgrade The Interface

Because when a user creates an account in OpenSea, the platform will create a proxy contract and let the user authorize their NFT to the proxy contract. Based on this feature, the scam would have the victim sign an upgradeTo() function that changes the OpenSea agent to its contract. After changing the implementation, the attacker can easily call multicall() and exhaust every approved NFT.

BlockSec added that the scam exploited the proxy upgrade interface of the OpenSea protocol.

According to MetaSleuth, it’s only working on the old Opensea protocol and surprisingly that there are still newly created accounts using this old protocol.

NFT platforms are becoming one of the favorites of scammers.

On Monday, May 15, the US Secret Service San Francisco Field Office and the Bay Area Regional Enforcement Allied Computer Team (REACT) sponsored an Ask Me Anything (AMA) on Reddit. The REACT team, according to its article, focuses on keeping cryptocurrencies and its users secure in San Francisco. The team is made up of both analysts and special agents.

One Reddit user joked that the US Secret Service might explore creating its own token or memecoin. The USSS and REACT approached the AMA with levity. According to the USSS, it designed and coined its own NFT series, which is still accessible on OpenSea.

Over the last six months, OpenSea has been caught between a rock and a hard place. At the moment, its first true competition — Blur, the NFT marketplace and aggregator — emerged, siphoning off the bulk of trade volume from the formerly unassailable lord of the NFT seas. The biggest NFT marketplace, OpenSea Pro (OS Pro), has finally reacted to Blur’s invasion of its previously controlled domain. It’s a huge breakthrough that touches on a number of contentious topics in the industry.

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Harold

Coincu News

Visited 105 times, 1 visit(s) today