Date: 2022-02-22

Dozens of users have been affected by an attack on OpenSea, one of the largest markets for NFTs. It happened during the early hours of February 20, and OpenSea has been working ever since to clarify the facts.

According to what has been established so far, it was a phishing attack that, over approximately three hours, stole a total of 254 NFTs from OpenSea. The combined value of these digital works amounted to 1.7 million dollars.

After the attack, Devin Finzer, CEO and co-founder of OpenSea, explained the matter on Twitter, where he shed a little light on what happened. There he states that the attack is not connected to the OpenSea website, and that it affected a total of 32 users. However, OpenSea recently confirmed that the number of affected users was only 17, since the figure of 32 also included people who had interacted with the attacker.

The 17 users signed a malicious payload, which allowed the attacker to steal some of their NFTs. According to Finzer and OpenSea, there has been no other activity since then, and some of the stolen NFTs have already been recovered. So far, OpenSea has not detected any phishing e-mail, and it has not been able to find out which web page got users to sign the malicious code. Finzer insists that users should make sure the domain they are interacting with is ‘opensea.io’ and not another.

I know you’re all worried. We’re running an all hands on deck investigation, but I want to take a minute to share the facts as I see them: – Devin Finzer (dfinzer.eth) (@dfinzer) February 20, 2022

The most ironic thing about all this is that each transaction was made through validated signatures. However, none of them targeted the new Wyvern 2.3 contract, according to Nadav Hollander, CTO of OpenSea. Thus, everything indicates that the attack was made before the migration to this new protocol.

The 254 NFTs include items from Decentraland and Bored Ape Yacht Club, as the security and analysis firm PeckShield has been able to compile in a document. Because of the nature of this system and thanks to blockchain technology, anyone can view the attacker’s digital wallet, since it was from there that some of the stolen NFTs were sold. Users accessing the profile are warned that the NFTs were obtained through a phishing attack.