OpenSea is returning the millions users lost due to a bug

OpenSea is returning the millions users lost due to a bug
  • Hackers were able to exploit a bug to buy NFTs at much lower than their price, and relist them to sell higher.
  • OpenSea said that this wasn’t an exploit of a bug, but an issue that arises “because of the nature of the blockchain”.
  • OpenSea raised a funding round worth $300 million on January 24, raising its valuation to $13.3 billion.
Non-fungible token (NFT) platform, OpenSea, has started contacting and refunding users who were affected by a bug that allowed users to buy NFTs at reduced prices. The bug was first reported by blockchain security company, Elliptic, on January 24. The firm said that hackers had exploited the bug to “steal” $1 million on the platform’s users.

"Since this issue was identified, we've taken it incredibly seriously and worked to ship product solutions for the community. This is not an exploit or a bug -- it's an issue that arises because of the nature of the blockchain. OpenSea cannot cancel listings on behalf of users. Instead, users must cancel their own listings," a spokesperson for OpenSea told ZDNet.

On January 24, Elliptic said that it had identified at least three attackers who purchased at least eight NFTs for “much less” than their market value. This included popular NFTs like Bored Ape Yacht Club, Mutant Ape Yacht Club, Cool Cats and Cyberkongz NFTs. The same bug had also been spotted by many users on Twitter.

“The exploit appears to originate from the ability to re-list an NFT at a new price, without cancelling the previous listing. Those previous listings are now being used to purchase NFTs at prices specified at some point in the past - which is often well below current market prices,” the company’s security researchers said in a blog post.

The researchers also identified one of the attackers, who went by the pseudonym “jpegdegenlove” who had paid $133,000 for seven NFTs and had then sold them on the platform for $934,000 — a nearly seven times increase in the price in less than a day. “Fine hours later this ether was sent through Tornado Cash, a ‘mixing’ service that is used to prevent blockchain tracking of funds,” the company said.


Incidents like this don’t bode well for OpenSea, which has quickly become the posterboy for the burgeoning NFT market. The company announced a $300 million Series C funding round on January 4, raising its valuation to $13.3 billion. The round was led by investment firms Paradigm and Coatue.

Scammers are exploiting Google, Amazon and Apple’s services to steal crypto
Bitcoin mining profit is shrinking with prices in dumps and difficulty on the rise
Twitter’s long-awaited hexagonal profile pictures that give bragging rights to NFT HOLDers is here — but not everyone loves it