OPENSEA NFT Hack Explained - $1.7M Stolen So Far...
HTML-код
- Опубликовано: 7 сен 2024
- 32 Confirmed ethereum addresses on opensea have been compromised and NFT's have been stolen totaling $1,700,000 USD in value. This video will talk about the exploit and how to keep your digital assets, crypto, tokens, and NFTs safe.
Within the context of the cryptocurrency industry, phishing scams target information pertaining to online wallets. Specifically, scammers are interested in crypto wallet private keys, which are the keys required to access funds within the wallet. Their method of working is like that of many standard scams. They send an email leading holders to a specially created website that asks them to enter private key information. When the hackers have acquired this information, they can steal the cryptocurrency contained in those wallets.
Notes from @NadavAHollander
- All of the malicious orders contain valid signatures from the affected users, indicating that they did sign an order somewhere, at some point in time. However, none of these orders were broadcasted to OpenSea at the time of signing.
- None of the malicious orders were executed against the new (Wyvern 2.3) contract, indicating that they were signed before the migration and are unlikely to be related to OpenSea’s migration flow.
- 32 users had NFTs stolen over a relatively short time period. This is extremely unfortunate, but suggests a targeted attack as opposed to a systemic issue.
3) This information, coupled with our discussions with impacted users and investigation by security experts, suggests a phishing operation that was executed ahead of the deprecation of the 2.2 contract given the impending invalidation of these collected malicious orders.
4) Prior to the current phishing scam, part of why we elected to implement EIP-712 on the new contract is that EIP-712’s typed data feature makes it much more difficult for bad actors to trick someone into signing an order without realizing it.
#opensea #nft #web3
______________________________________________________________________
🗓 No Code Technology Mastermind Zoom Call Calendar [Free to Join]
lu.ma/v1st3q5l
📞 Let's Talk. One-on-One.
calendly.com/s...
➕ Consider Subscribing
bit.ly/3ekpBk1
🏢 Business Consulting
statechange.ai/
6:57 as a developer this can't be happened without code injection or XSS attack on their website, and it only means that they got hacked, nobody should defend or find an excuse for them, or say a 3'rd party or something ... they are responsible for thier website and their domain emails, and it can never happen if they care about cyber security
My point is their site doesn't need to get hacked, any of the third party js tags they use can inject the malicious banner if they are compromised...
What's the point of decentralisation when such smooth phishing is still viable
Insightful explanation
Good question.
i connected my metamask to opensea and 10 days after that my nft got stolen from my wallet
Thanks ☝️☝️ for helping me
Reach out ☝️☝️ he's the best
lmao trolled
I’ve had mine hacked and don’t understand how. Always been careful. Lost everything
I'd be curious to learn more - send me an email. macgyvertechnology[@]gmail.com
do we tend to be hacked if we upload 2k or more NFT by hand 1 by 1 in opensea ?
⬆️👆I can’t stop talking about this guy 👆I do value your effort dude
funni
WHAT IS THE ISSUE
*HOW TO SELL YOUR NFT FAST*
*HOW TO BUY HIGER RATE @ LOW PRICE
*HOW TO DOUBLE YOUR ETH WITH NFT*
*FUND RECOVERY*
👇👇👇👇👇
Got back my disabled account from Clickcybertech after a co worker recommended him, he’s awesome and so reliable
⬆️👆I can’t stop talking about this guy 👆I do value your effort dude