Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

OpenSea users face NFT private auction scam

OpenSea users face NFT private auction scam

By making the private auction option look like a login method, phishing websites trick people into giving away their NFTs.

Since nonfungible tokens (NFTs) have become more popular, bad actors who try to take advantage of people in the ecosystem have become more active. At the moment, NFT holders are at risk because phishing websites have been used to hack a part of the NFT marketplace OpenSea.

Efforts to stop theft Harpie told NFT users about a new attack that used the OpenSea platform to make purchases without gas. Harpie says that hackers were able to steal millions of dollars worth of digital assets by using the feature.

In order to make gasless sales on the OpenSea platform, users must approve a signature request with a message that they can’t understand. Users can also use this feature to make private auctions with signatures that can’t be read.

Because of this, phishing websites have been asking their victims to sign one of these letters that no one can understand. Harpie says that signatures are often shown as a step that must be taken to log in and get to the website.

The login messages, on the other hand, are really signature requests for the victim to sell their NFTs privately to the scammer for 0 ETH ETH tickers down $1,216. If it is signed, the NFTs will be sent to the hacker’s wallet address.

CertiK, a blockchain security company, recently warned the cryptocurrency community about something they call “ice phishing” in addition to this fraud. Con artists use this flaw to get Web3 users to sign permissions that let the attackers use their tokens. CertiK says that the scam is unique to the Web3 industry and is a very serious threat.

About MahKa

MahKa loves exploring the decentralized world. She writes about NFTs, the metaverse, Web3 and similar topics.

Latest NFT News, Trendings and Tutorials, right in your inbox, every Monday

IMPORTANT DISCLAIMER: All content provided here in our website, hyperlinked sites, social media accounts and other platforms are for your general information only, procured from third party sources. We make no warranties of any kind in relation to our content. No part of the content that we provide constitutes financial advice, legal advice or any other form of advice meant for your specific reliance for any purpose. Any use or reliance on our content is solely at your own risk and discretion. You should conduct your own research, review, analyse and verify our content before relying on them.

Recommended Posts