NFTS, some love them while others hate them, but what is certain is that they move astronomical figures of money, and where there is a lot of money there are surely friends of others. This is how the NFT community has become the target of a hack that has stripped several people of their precious non-fungible digital tokens; which together are “listed” for a value equivalent to 1.5 million euros.
This story originates from OpenSea, the largest online marketplace for trading NFTs, when the site’s co-founder, Devin Finzer, reported that 17 users of the platform have been the victims of a phishing attack this Sunday, February 20. 2022. As a result, users have lost possession of their NFTs to the cyber criminal(s) behind the attack.
OpenSea Denies Responsibility for Phishing Attack and Lost NFTs
Being an attack by means of Phishing, it is difficult to point the finger at OpenSea. In this sense, the company defends that the attack was perpetrated outside of OpenSea and the site is ruled out as a vector for the attack.
“We are actively working with users whose items were stolen to narrow down a set of common websites they interacted with that could have been responsible for the malicious signatures,” Finzer said on Sunday.
Similarly, the company’s technology director, Nadav Hollander; ruled out the possibility that the attack had something to do with or took advantage of the migration process to a new contract system that is currently running through OpenSea’s platform.
In short, this incident that occurred on Saturday February 19 is not the responsibility of OpenSea. In addition, Finzer indicated that the evidence points to this being “a targeted attack rather than a systematic problem. ”
However, despite the fact that the attacks have been committed outside the platform; OpenSea is currently “actively assisting affected users and discussing ways to provide additional assistance.”
1) We’ve narrowed down the list of impacted individuals to 17, rather than the previously mentioned 32. Our original count included anyone who had *interacted* with the attacker, rather than those who were victims of the phishing attack.
— OpenSea (@opensea) February 21, 2022