Check Point Research (CPR) identified a security flaw in Rarible, the NFT marketplace with over two million active users. If exploited, the vulnerability would have enabled a threat actor to steal a user’s NFTs and crypto tokens in a single transaction. CPR immediately disclosed findings to Rarible, who acknowledged the security flaw. CPR’s revelations mark the second time that their researchers discovered security flaws in an NFT marketplace. In October 2021, CPR found security issues in OpenSea, the world’s largest NFT marketplace. CPR’s research motivations into Rarible was sparked when they witnessed a similar attack on Jay Chou, a famous Taiwanese singer, whose NFT was stolen and sold for $500k.
- A successful attack would have come from a malicious NFT within Rarible’s marketplace itself, where users are less suspicious and familiar with submitting transactions
- Exploitation begins with a victim receiving a link to the malicious NFT who then clicks on it
- CPR warns that we will continue to see crypto wallet theft around the world and shares four safety tips
Check Point Research (CPR) identified a security flaw in Rarible, the NFT marketplace with over two million monthly active users. If exploited, the vulnerability would have enabled a threat actor to steal a user’s NFTs and cryptocurrency wallets in a single transaction. A successful attack would have come from a malicious NFT within Rarible’s marketplace itself, where users are less suspicious and familiar with submitting transactions. CPR alerted Rarible of its findings immediately. In 2021, Rarible reported over $273 million trading volume in 2021, making Rarible one of the largest NFT marketplaces in the world. Attack Methodology: CPR outlined the attack method, as the following:
1 Victim receives a link to the malicious NFT or browses the marketplace and clicks on it.
2. The Malicious NFT executes JavaScript code and attempts to send a setApprovalForAll request to the victim.
3. Victim submits the request and grants full access to this NFT’s/Crypto Token to the attacker.
Research Motivations: On April 1, CPR witnessed a similar attack on Jay Chou, a famous Taiwanese singer. He was tricked into submitting a transaction that stole his BoardAppe NFT 3738 that later sold for $500,000 on the marketplace. CPR became intrigued, as the victim of this method can be any crypto/NFT holder. CPR quickly launched a thorough investigation of Rarible. CPR’s motivation behind this latest research is to prevent risks of account takeover and cryptocurrency theft. CPR’s current findings build on top of previous research in October 2021, where they found critical security flaws in OpenSea, the world’s largest NFT marketplace. Left unpatched, the vulnerabilities discovered on OpenSea’s platform could allow hackers to hijack user accounts and steal entire cryptocurrency wallets by crafting malicious NFTs.
Mr. Oded Vanunu, Head of Products Vulnerabilities Research at Check Point Software:
“CPR has invested significant resources in examining the intersection of crypto and security. We still continue to see large efforts by cyber criminals to try and heist big profits from cryptocurrency, especially NFT marketplaces. In October last year, we discovered critical security flaws in OpenSea, the world’s largest NFT marketplace. Now, we’ve identified similar vulnerabilities in Rarible. In terms of security, there is still a huge gap between, between Web2 and Web3 infrastructure. Any small vulnerability can possibly allow cyber criminals to hijack crypto wallets behind the scenes. We are still in a state where marketplaces that combine Web3 protocols are lacking from a security perspective. The implications following a crypto hack can be extreme. We’ve seen millions of dollars hijacked from users of marketplaces that combine blockchain technologies. Currently, I expect to see a continuing increase in cryptocurrency thefts. Users must pay attention. Users currently need to manage two types of wallets: one for most of your crypto and another just for specific transactions. Should the wallet for specific transactions become compromised, users can still be in a position where they don’t lose everything.CPR will continue to research the new frontier of blockchain technology from a security point of view.”
If you have an interesting Article / Report/case study to share, please get in touch with us at editors@roymediative.com/ roy@roymediative.com, 9811346846/9625243429
