A bug in the world's largest NFT market could have allowed crypto wallets to be hijacked or stolen
Cyber-security researchers on Wednesday reported that world's largest
View all Offers
View all Offers
- 16% OFF
Oppo A16 (Pearl Blue, 4GB RAM, 64GB Storage) with No Cost EMI/Additional Exchange Offers₹ 13490₹ 16990Buy On
OnePlus Nord 2 5G (Blue Haze, 8GB RAM, 128GB Storage)₹ 29999₹ 29999Buy On
- 51% OFF
Samsung Galaxy S20 FE 5G (Cloud Navy, 8GB RAM, 128GB Storage)₹ 39990₹ 70499Buy On
- 18% OFF
OPPO A55 (Starry Black, 4GB RAM, 64GB Storage) with No Cost EMI/Additional Exchange Offers₹ 15490₹ 18990Buy On
- 14% OFF
Apple iPhone 11 (64GB) - Black₹ 41999₹ 49900Buy On
After seeing reports of stolen crypto wallets triggered by free airdropped NFTs, Check Point Research (CPR) investigated OpenSea, the world's largest NFT marketplace.
The investigation led to the discovery of critical security vulnerabilities on OpenSea's platform.
The team immediately disclosed findings to OpenSea, who went onto deploy a fix in less than one hour of disclosure.
OpenSea is known as the world's largest NFT marketplace, recording $3.4 billion in transaction volume in August alone.
"These attacks would have relied on users approving malicious activity through a third-party wallet provider by connecting their wallets and providing a signature for the malicious transaction," OpenSea said in a statement.
"We have been unable to identify any instances where this vulnerability was exploited but are coordinating directly with third-party wallets that integrate with our platform on how to help users better identify malicious signature requests, as well as other initiatives to help users' thwart scams and phishing attacks with greater efficacy," the company added.
NFTs allow people to buy and sell ownership of unique digital items in cryptocurrencies, and keep track of who owns them using the Blockchain. NFTs can technically contain anything digital, including drawings, artworks, tweets, animated GIFs, songs, or even video games.
The investigation of OpenSea was prompted by reports of free airdropped NFTs allegedly gifted to users.
The security researchers recommended that users must be careful when receiving requests to sign your wallet online.
"Given the sheer pace of innovation, there is an inherent challenge in securely integrating software applications and crypto markets," said Oded Vanunu, Head of Products Vulnerabilities Research at Check Point Software.
"We sternly warn the OpenSea community to watch out for suspicious activity that may lead to theft, as we believe bad actors will continue to expand their efforts, in order to hijack crypto wallets while exploiting system vulnerabilities," Vanunu added.
‘We should be ready for the worst’ — MakerDAO founder is not optimistic about the stablecoin regulation in 2022
Bitcoin crosses $57,000 for the first time in five months — altcoins continue to struggle
Binance to halt Chinese yuan-crypto trading and restrict mainland China customers to withdrawals only
Popular on BI
- WhatsApp won’t work on these phones from November 1: Check the full list
- Shiba Inu hits another all-time-high — now more valuable than Adani Enterprises, Tata Steel and Tech Mahindra
- Shiba Inu is not only bigger than Dogecoin — it’s now bigger than XRP, Polkadot and USD Coin as the seventh-biggest player in the market
- Best budget external hard disk drives under ₹4,000 in India
- IRCTC will lose a chunk of its revenue to the Indian government starting next month
- EaseMyTrip makes its first acquisition in 13 years to strengthen its hotel offerings
- Portugal''s political fate uncertain after govt budget defeat
- Battlegrounds Mobile India gets Dune-themed rewards in new crossover