Saturday, April 1

Theft in an NFT ‘museum’: 1.7 million dollars in digital works disappear after a phishing

OpenSea, one of the main platforms for the sale, auction and exhibition of NFTs, has suffered a cyberattack that has led to the theft of the digital works of several of its users, the company has acknowledged. The criminals managed to sneak onto the platform and impersonate their identity so that the victims would sign a new construction management contract, which was actually a trap that allowed the attackers to gain control of it.

The Spaniard who has won almost a million euros creating NFT: “In traditional art there is much more smoke”

Know more

The cyberattack responds to a phishing method like those that affect users around the world, in which fraudsters impersonate banks, public institutions or parcel delivery companies. On this occasion, the victims have been the owners of these crypto assets that exploded in 2021 as a way to buy and sell digital works of art. “Our team has been working tirelessly to investigate the specific details of this phishing attack,” says OpenSea, which acknowledges that “it has not yet determined the exact origin.”

The alarm sounded on Saturday after some affected saw how their NFTs had disappeared from their accounts. The value of the stolen files amounts to more than 1.7 million dollars, he pointed out. Molly White, a reference blogger in the crypto world who has been in contact with the victims. The platform has not confirmed the figure but it has stated that the number of affected is less than that initially announced: “We have reduced the list of affected people to 17, instead of the 32 mentioned above.”

“The attack does not appear to be active at this time. There has been no activity on the malicious contract in more than 15 hours,” New York-based OpenSea tweeted around 5 a.m. (Spanish time).

As some of those affected have explained on Twitter, the US media collects TheVerge, the attacker managed to impersonate OpenSea and convince victims to sign a partial contract, which was actually a blanket authorization with large blanks. With the signing, the criminals completed the contract with an order to transfer ownership of the NFTs without any consideration. That is, the victims signed a blank check that the scammers then filled out to steal from them.

In this process, the cyberattackers carried out practices without apparent sense, Molly White has revealed. “The hacker returned some of the NFTs to their original owners, and one victim inexplicably received 50 ETH ($130,000) from the attacker, as well as some of his stolen NFTs. The attacker later transferred 1,115 ETH earned from the attack to a tumbler of cryptocurrencies, worth around 2.9 million dollars,” he explains on his blog.

A tumbler of cryptocurrencies, which can be translated as mixer, is a service used to hide the trail of compromised cryptocurrencies. The operations with these digital assets are registered in a public registry book and of which each user has a copy, making it difficult to hide an NFT or cryptocurrency related to an illicit activity. What a mixer does is, roughly speaking, flood that ledger with tens of thousands of trades in which the compromised cryptocurrencies are mixed with other funds of legal origin, in such a way that it is almost impossible to trace the funds.

Despite the fact that one of the strengths claimed by supporters of cryptocurrencies is the security that derives from this decentralized control method, these assets are not safe from theft. At the end of January, another of the most important exchange platforms, recognized a theft of 30 million dollars in Bitcoin and Ethereum. The company promised to return the sums stolen to those affected.