OpenSea Users Lose $1.7 Million USD in NFTs From Likely Phishing Attack
32 users lost a combined 254 tokens.
A group of users on NFT exchange platform OpenSea has been hacked, leading to a loss of hundreds of NFTs.
According to new reports, 32 accounts on the service were hacked through what the company believed to be phishing attacks. 254 tokens were stolen, including works from Azuki and Bored Ape Yacht Club. Web3 expert Molly White estimates the total loss to be roughly 641 ETH, or approximately $1.7 million USD.
“We have confidence that this was a phishing attack,” OpenSea co-founder and CEO of OpenSea Devin Finzer explained on Twitter. “We don’t know where the phishing occurred, but we’ve been able to rule out a number of things based on our conversations with the 32 affected users.”
He emphasized that the website itself was not a vector for the attack, and hackers did not exploit any vulnerability in the platform itself. “Interaction with an OpenSea email is not a vector for attack,” Finzer added. “In fact, we are not aware of any of the affected users receiving or clicking links in suspicious emails.”
We have confidence that this was a phishing attack. We don’t know where the phishing occurred, but we’ve been able to rule out a number of things based on our conversations with the 32 affected users. Specifically:
— Devin Finzer (dfinzer.eth) (@dfinzer) February 20, 2022
In other related news, Cool Crypto Kids have launched an NFT collection to raise money for Children’s Hospital Los Angeles.