Friday, March 29, 2024
spot_img
spot_img

New OpenSea attack led to theft of millions of dollars in NFTs

spot_img
spot_img
- Advertisement -

The idea behind the OpenSea migration is to address the existing inactive listings of old NFT’s, and in order to do that, they are planning to upgrade to a new contract. All users will be required to “migrate” their listings on Ethereum to the new smart contract.

The atomic Match would be forwarded to the OpenSea contract. atomicMath in OpenSea is responsible for all the Trading on OpenSea with minimal trust. Atomic means that the transaction will only take place if all the parameters of the transaction are met. And this is how all the NFTs are moving around accounts at OpenSea.

This is why the attacker decided to use the atomic Match to steal the victim NFTS because this kind of request is capable of stealing all victim NFTS in one transaction.

The flow of the attack looks as victim clicks on a malicious link from the phishing email. The link opens a phishing website and asks the victim to sign a transaction. Many websites and projects request permanent access to your NFT’s by sending you a transaction to sign. This transaction will give the websites/projects access anytime they want to your NFT unless Signing a transaction is similar to giving someone permission to access all your NFT’s and cryptocurrencies. This is why signing is very dangerous. Pay extra attention to where and when you sign a transaction. Phishing emails may be tricky. We don’t recommend clicking on links from emails no matter who is the sender, always try to find the same information on the website provider.

If you have an interesting Article / Report/case study to share, please get in touch with us at editors@roymediative.com/ roy@roymediative.com, 9811346846/9625243429.

- Advertisement -
spot_img
spot_img
spot_img
spot_img