Advertisement

Hackers sell stolen NFTs from digital marketplace for almost $2 million

Hackers sell stolen NFTs from digital marketplace for almost $2 million
Initial reports said the hack was worth $200 million, but OpenSea's founder and CEO said that stolen NFTs were sold for less than $2 million. File Photo by FotograFFF/Shutterstock/UPI

Feb. 21 (UPI) -- Close to $2 million worth of non-fungible tokens, or NFTs, were stolen and sold after an apparent phishing attack over the weekend, authorities said.

The attack targeted U.S.-based NFT marketplace OpenSea on Saturday, the exchange's founder and CEO said.

Advertisement

Initially, it was reported that $200 million worth of NFTs were stolen.

Phishing is a common type of digital theft, which occurs when a hacker or thief attempts to steal personal information by posing as a trusted entity, often via email.

RELATED Melania Trump unveils NFT collection marking 'iconic' moments of Trump presidency

"Importantly, rumors that this was a $200 million hack are false," OpenSea CEO Devin Finzer said in a tweet. "The attacker has $1.7 million of [cryptocurrency] in his wallet from selling some of the stolen NFTs."

Blockchain security service PeckShield said about 250 NFTs were stolen, including popular ones like Decentraland and Bored Ape Yacht Club. Most of the attacks happened late on Saturday and affected almost three dozen users.

"We don't believe it's connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen," Finzer added.

RELATED British tax collector arrests 3, seizes NFTs in $1.9 million fraud case

Finzer said the phishing attack isn't active and that some of the stolen NFTs have been returned.

Advertisement

The two-part attack targeted individuals to sign partial contracts and the signatures were used to complete a contract that transferred ownership of the NFTs without payment.

The investigation hasn't pointed to which website was "tricking users into maliciously signing messages."

RELATED Surgeon who auctioned X-ray of Bataclan shooting victim as NFT facing legal action

The attack may have originated from a weakness in the Wyvern Protocol -- an open-source standard for most NFT contracts including OpenSea.

Latest Headlines

Advertisement
Advertisement

Follow Us

Advertisement