OpenSea Vulnerability Leads to Abuse of Numerous NFTs, Hacker Makes 150 ETH
Another user is exploiting a vulnerability on the platform
Another exploit on the largest Ethereum NFT marketplace appears because OpenSea has allegedly been hacked. “Anonymous” has stolen numerous NFT pieces worth around 150 ETH and is currently selling them on another platform.
According to WuBlockchain, 8 NFT pieces were stolen, including Cool Cat NFTs #9575, #7218, #3537, #1546 and Bored Ape Yacht Club pieces #6623, #1397, #775 and #2068. As Nftgo tracker suggests, the asset value of the anonymous user is currently $117,000.
Someone has once again exploited the OpenSea vulnerability for profit. The NFTs involved are Cool Cat #9575 #7218 #3537 #1546 and BAYC #6623 #1397 #775 #2068, the gain is close to 150ETH. OpenSea is suspected of blocking his address, selling on LooksRare. https://t.co/0tN0k5lgBu pic.twitter.com/gWM1lrVWmX
— Wu Blockchain (@WuBlockchain) January 28, 2022
The said pieces are sold on the LooksRare NFT marketplace which is often presented as the main competitor to the OpenSea NFT platform that gives out rewards to both sellers and buyers.
OpenSea reportedly prevented the anonymous hacker from selling on the platform by banning his address. The same procedure was used after the anonymous hacker stole approximately $600 million from PolyNetwork. The address of the wallet with stolen money was blacklisted by most exchanges that had enough liquidity to make money.
Two vulnerabilities in one week
Unfortunately for NFT holders, the current exploit was not the first problem the NFT platform had with hackers, as an anonymous user stole approximately 347 ETH by purchasing NFT pieces listed on OpenSea for a significantly lower price.
The cause of the exploit was addressed in the platform’s API, which is used by third-party marketplaces willing to make a profit from the fees.
In addition to the fact that the largest NFT marketplace has security issues, previously implemented NFT profile pictures on Twitter can in fact be replaced by hitting the same NFT from the collection again.