We had to remove the original article as it revealed critical security issues in the known NFT platforms. To secure further misussage and scams we offer to send it on request.
Opensea was reported to cooperate with scammers between 2022 and 2023.
Several Hackers gained access to the blockchain NFT and managed to drain the wallets connected.
Sorry and keep safe.
Scams and Hacks of Online Art Platforms in the past
In recent years, the explosion of NFT platforms like OpenSea has also led to a surge in cyberattacks, scams, and thefts. Here’s a summary of some of the major tactics used by hackers and scammers to target users on OpenSea and other NFT platforms:
- Phishing Scams: One of the most common methods of scamming users is through phishing emails. Hackers often send fake emails that appear to be from OpenSea, tricking users into clicking malicious links. These links lead to fraudulent websites designed to steal login credentials or prompt users to sign malicious contracts. In a notable incident in February 2022, hackers stole 250 NFTs worth around $2 million from OpenSea users by sending phishing emails tied to an official platform update(Blockworks)(Trend Micro News).
- Smart Contract Exploits: Hackers have also exploited vulnerabilities in the smart contract protocols that underpin platforms like OpenSea. For instance, during an upgrade from Wyvern Protocol V1 to V2.3, a hacker managed to steal NFTs by manipulating older smart contracts signed under the previous version(CYBAVO). These signatures allowed the hacker to transfer NFTs from users’ wallets without direct permission(VICE).
- Discord and Social Media Phishing: Another avenue hackers use is hijacking Discord servers or social media accounts tied to NFT communities. By impersonating official channels, they lure users into connecting their crypto wallets to malicious sites. In one instance, scammers hacked OpenSea’s Discord, posting a fake announcement about a YouTube partnership, tricking users into minting non-existent NFTs(CYBAVO)(VICE).
- Listing Exploits: In some cases, hackers take advantage of inactive listings, where users may have listed NFTs at old prices or with outdated contract formats. These vulnerabilities were exploited by malicious actors to buy high-value NFTs for far below their market price(VICE).
- While OpenSea and other platforms have since strengthened security measures, these incidents highlight the need for caution when dealing with NFT transactions. To protect yourself, experts recommend avoiding blind signatures, scrutinizing email sources, and double-checking website URLs before logging in. Moreover, staying updated with the platform’s official communication channels can help users avoid phishing scams.
For further reading, check out articles from Blockworks and Trend Micro.
#Scam on #x and #twitter – read how they research a large same
learn from the experts and get your money back
An investigation into how Greavys (Malone Iam), Wiz (Veer Chetal), and Box (Jeandiel Serrano) stole $243M from a single person last month in a highly sophisticated social engineering attack and my efforts which have helped lead to multiple arrests and millions frozen.