OpenSea Fixes Vulnerabilities That Hackers Could Use to Steal Crypto

OpenSea is one of the well-known NFT marketplaces out there, has fixed certain vulnerabilities that hackers could take advantage of to steal cryptocurrency.

This move came after a security firm noticed tweets of victims who lost their crypto after being gifted with malicious NFTs.

OpenSea has likewise added a feature that hides gifted NFTs from unverified collections from a person's profile page.

OpenSea Fixes Vulnerabilities

OpenSea has fixed vulnerabilities that hackers could use to steal cryptocurrency from unsuspecting victims.

According to a report by The Verge, "The issue was found by security firm Check Point Research, which noticed tweets from people claiming they were hacked after being gifted NFTs."

The report says that OpenSea was able to fix the vulnerabilities after an hour and even worked with researchers to make sure that the vulnerabilities really are no more.

Hackers victimizing digital marketplaces such as NFT marketplaces had been a serious concern for both sellers and buyers alike. Back in March, digital art marketplace Nifty Gateway fell victim to a hack that stole artworks worth thousands of dollars.

How the Potential Theft Works

Hacker on laptop
Getty Images

Being gifted an NFT does not require any action from the recipient, and The Verge notes that there are no risks involved if a malicious NFT is left unviewed in one's account. The problem begins when the recipient views the said malicious NFT.

"For users with a crypto-wallet browser extension like MetaMask installed, it initiates a popup asking to connect storage.opensea.io to their wallet," The Verge explains. When the recipient of the malicious NFT clicks "yes," it opens the opportunity for hackers to steal the recipient's wallet information.

This could trigger another popup asking if the recipient is approving the transfer of crypto to another wallet. If the recipient approves the transfer for one reason or another, then the theft will definitely occur.

To help lessen the risks of clicking to view malicious NFTs, OpenSea has launched a new feature that hides gifted NFTs from unverified collections from a person's profile page. According to an announcement by OpenSea, these NFTs are placed in a hidden tab.

The feature has already been rolled out for NFTs on the Polygon and Klaytn blockchains and will soon be available for Ethereum-based NFTs.

Related Article: Banksy Fake NFT Thousand-Dollar Scam Update: Cybersecurity Expert Claim Blockchain Website Ignores His Warning About a Vulnerability

Other OpenSea Updates

OpenSea has also announced other new updates and features along with the feature that hides malicious NFTs.

One of these new announcements involves the recently-launched OpenSea app, which now lets users discover NFTs by category. The app also lets users track NFT drops as well as follow NFT collections.

OpenSea has also rolled out an account safety feature "that allows users to disable buying and selling for NFTs in their account if they believe their wallet has been compromised."

This article is owned by Tech Times

Written by Isabella James

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics