opensea-70OpenSeaOwners of high-value NFTs are having their Opensea-listed assets pulled out from under them by an unknown attacker. Either the new Opensea contract was hacked, or users were hit by a phishing attack. The hacket sent a fake email designed to have people sign half of a valid wyvern order (e.g., the order was basically empty except the target (attacker contract) and calldata) and the attacker signs other half of order. Any users who interacted with Opensea’s new contracts should revoke the token approvals from Opensea immediately. Etherscan and Revoke.cash both provide interfaces for this, but are experiencing intense server load. Use whichever service will load. The attacker currently holds 641.5 ETH liquid, and many high-ticket NFTs, including 17 Azuki, 3 BAYC, 2 Cool Cats, and 2 Mutant Ape Yacht Clubs. The attacker also pocketed a racial slur ENS name. The loss amount include the values for the high-valued 16 Azuki's and 3 BoredApeYachtClub's estimated at 48 and 177 ETH respectively. Updated 2/23/22: Loss statistics for @opensea phishing incident: 1. The hacker sold NFTs valued at more than 1,200 Ether (~$3.4m), most of the funds has been deposited to @TornadoCash 2. The hacker returned most of the unsold NFTs to victims

Detail Analysis

< Back

OpenSea

Submit Incident Report

Date:

Status:

Count:

Contributor:

February 19, 2022

Verified

zerofriction.io

Loss Amount:

3,400,000

Recovered Amount:

Currency:

Dollars, ETH

KYC By:

Audit By:

None

Solidified

Website:

https://opensea.io/

Twitter:

https://twitter.com/opensea

Discord:

https://discord.gg/opensea

Telegram:

No data

Medium:

No data

Github:

No data

Key Indicators

Platform:

Type:

Category:

Method:

Ethereum

NFTs

Scams

Extended Method:

phishing

Data Sources:

https://bowtiedisland.com/new-opensea-contract-exploited-massive-attack-in-progress/

Owners of high-value NFTs are having their Opensea-listed assets pulled out from under them by an unknown attacker. Either the new Opensea contract was hacked, or users were hit by a phishing attack. The hacket sent a fake email designed to have people sign half of a valid wyvern order (e.g., the order was basically empty except the target (attacker contract) and calldata) and the attacker signs other half of order.

Any users who interacted with Opensea’s new contracts should revoke the token approvals from Opensea immediately. Etherscan and Revoke.cash both provide interfaces for this, but are experiencing intense server load. Use whichever service will load. The attacker currently holds 641.5 ETH liquid, and many high-ticket NFTs, including 17 Azuki, 3 BAYC, 2 Cool Cats, and 2 Mutant Ape Yacht Clubs. The attacker also pocketed a racial slur ENS name. The loss amount include the values for the high-valued 16 Azuki's and 3 BoredApeYachtClub's estimated at 48 and 177 ETH respectively.

Updated 2/23/22: Loss statistics for @opensea phishing incident:
1. The hacker sold NFTs valued at more than 1,200 Ether (~$3.4m), most of the funds has been deposited to @TornadoCash
2. The hacker returned most of the unsold NFTs to victims

DISCLAIMER: While Zero Friction LLC has used the best efforts in aggregating and maintaining this database, Zero Friction LLC makes no representations or warranties with respect to the accuracy or completeness, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose.

Under no circumstances, shall Zero Friction LLC be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the dataset or information derived from our database.

< Back