OpenSea users hit by phishing attack, $1.7 million worth of NFTs stolen.
If you’ve ever wanted to enter the NFT market, buy or sell, chances are you’ve at least heard of OpenSea, if you haven’t already. It is one of the largest and most popular platforms for doing this. Unfortunately, the latter turned out to be the target of a phishing attack that resulted in the theft of numerous NFTs worth up to approximately $1.7 million.
OpenSea users are victims of a phishing attack
To begin with, let’s clarify: the OpenSea platform itself has not been hacked. Its users have been phished. This attack was brought to the attention of platform users via email and looked like a message from the OpenSea community.
In the email in question, users were asked to transfer their Ethereum holdings to a new smart contract, and since OpenSea had announced their own smart contract just a day before, this email seemed right.
$1.7 million in stolen NFTs
According to numerous reports, 32 OpenSea users were affected by this letter and signed a contract containing malicious code to sign an NFT to the attacker. 32 users seems like a lot, but given the crazy amounts that NFTs can reach in fiduciary money, it’s fairly easy to see that the total amount of NFTs stolen in this way is as high as $1.7 million.
The good news is that some of the stolen NFTs have been returned to their rightful owners. Others, on the other hand, were sold by the hacker. OpenSea is currently investigating this incident internally to determine how it all happened.