Hackers use OpenSea flaw to steal $1 million in NFT assets

At present, 97% of NFT transactions in the market are conducted through OpenSea. Yesterday, a vulnerability was discovered in this platform. Hackers successfully exploited the vulnerability to purchase NFT assets at lower than market prices. The report said that at least three hackers exploited the vulnerability yesterday and purchased at least eight NFT assets with a total value of more than $1 million within 12 hours.

NFT assets that have been acquired at low prices through loopholes include Bored Ape Yacht Club, Mutant Ape Yacht Club, Cool Cats and Cyberkongz NFTs. One of the hackers, Jpegdegenlove, used the vulnerability of OpenSea to buy 7 NFT assets for about $133,000, and then re-sold for about $934,000 for a profit. He later sent 20ETH and 13ETH to the two victims, TBALLER and Vault327, respectively. , equivalent to $45,000 and $30,000.

In addition, the current market price of the Bored Ape Yacht Club NFT series is at least $198,000, but the hacker successfully acquired the asset number #9991 with 0.77ETH (about $1,800). After 20 minutes, the hacker sold off with 84.2 ETH (about 196,000 US dollars), making a steady profit of 194,000 US dollars.

Source: elliptic