BlockchainNFTThe cybersecurity flaw that could cost OpenSea dearly

The cybersecurity flaw that could cost OpenSea dearly

A cybersecurity research company, has discovered a critical issue in the platform that puts many OpenSea members at risk. Fortunately, OpenSea is aware of the vulnerability and is working to address the security vulnerabilities.

The popularity of NFTs

The non-expendable tokens are still being discussed in the crypto world: Bored Apes, CryptoPunks and other popular NFT sell for thousands, and in some cases, millions of dollars. Whether you are the creator of NFT or the buyer, you have probably traded non-fungible tokens on one of the largest platforms in the NFT market, for example, OpenSea. However, for its popularity, you have to pay. It attracts crypto hackers who seek to steal vulnerable bidders.

OpenSea Critical Security Flaws

OpenSea allows users to mine any NFT digital artwork as long as they have one of the following extensions: JPG, PNG, GIF, SVG, MP4, WEBM, MP3, WAV, OGG, GLB, GLTF. It should also be noted that in order to buy and sell NFT on OpenSea, members must connect a cryptocurrency wallet (e.g. Metamask) to the platform. Users need to replenish their wallet with cryptocurrencies (usually Ethereum) to pay NFTs and / or gas fees.

According to laptopmag.com, to test the security of OpenSea’s network, the Check Point Research team acted as a hacker and injected malicious code into an SVG image intended to trick unsuspecting victims into abandoning their cryptocurrency wallets. . As the video shows , the “intruders” were successful.

Fortunately, this opportunity no longer exists in the NFT market. “OpenSea and Check Point, together, have corrected this shortcoming,” the report says. 

How the intruders acted

Before the security flaw was corrected, specialists from Check Point noted that hackers could steal cryptocurrency, tricking victims into clicking fake windows to approve a wallet after going over one of the links of third parties. For those who do not know: before buying (or mining) NFT on OpenSea, Metamask launches the window of the approval of a wallet by offering to authorize (or reject) the transaction. It’s a normal algorithm. However, if after clicking on a third-party link you see a wallet window where you are accidentally asked to enter your credentials, it means something has gone wrong and you should think about it.

“OpenSea does not request portfolio approval to view or click on third party links. This behavior is extremely suspicious and users should not confirm their portfolio if they are not related to specific activities on OpenSea, ”the report said.

Also Check:

Blockchain and crypto: What is proof of stake?

Czech Republic: Royal family launches collection of NFTs

The upward trend in the market for digital currencies

Check Point investigators have warned that buyers and sellers of NFTs on OpenSea should be careful when interacting with their cryptocurrency wallets. It’s easy to automatically approve transactions, and not notice the catch. It is therefore important to carefully consider the request and determine who it is from. “If in doubt, the request should be rejected,” the report advises.

Phishing isn’t the only way cryptos try to steal victims’ virtual assets. Therefore, before delving into the topic, we advise you to read documents about the tricks used by hackers, study the theory and start working.

Stephan Evans
Stephan Evanshttps://www.newsalarms.com/
I'm the Man in charge of News Alarms, but also getting all the reviews up on the website, so you can thank me for all those shining stars – or blame me for a lack of them. I also spend my time working my SEO magic to try and coax the Google Juice to flow in our favor.

Latest news

MovieDOM Unleashes Blockchain-Powered Entertainment Platform to Transform Film, Music, and Events

Dubai, UAE, 17th May 2025, The entertainment industry is undergoing a dramatic shift as MovieDOM launches its revolutionary decentralized platform. Designed...

CABSAT, Integrate Middle East and SATExpo 2025 Draw 32,000+ Attendees, Cementing Dubai’s Status as Global Hub for Media, Pro AV and Space Innovation

The three events brought together 820+ exhibiting brands from 120+ countries and 190 high-level speakers Dubai, UAE, 17th May 2025,...

Church of Scientology Nashville to Host 75th Anniversary Celebration of Dianetics This Weekend

Nashville, Tennessee, 16th May 2025, ZEX PR WIRE, The Church of Scientology Nashville is celebrating a major milestone this...

VMF Focuses on Addressing Marketers’ Top Priorities

Dubai, UAE, 13th May 2025, ZEX PR WIRE, Vibe Marketing Tech Fest will take place in Manchester on July 10,...

CYSEC MENA 2025: Bahrain Set to Host 15th Global Edition of Premier Cybersecurity Summit

Manama, Bahrain, 13th May 2025, ZEX PR WIRE, As MENA continues its rapid digital advancement, the focus on building secure,...

$LIMO Pumps 68% in a Month — MAIA AI Health Agent & Key Moves Driving the Momentum

Limoverse, the leading Web3-powered health and wellness ecosystem, is riding a strong wave of momentum. With a 47% price...

Must read

MFEV Marathon Success in Serbia: Celebrating Runners, Community, and Charity

MFEV proudly announces the successful conclusion of the MFEV...

Top Cryptos Under $1 to Buy in 2024: Invest Now!

Top Cryptocurrencies to Consider for 2024: Best Picks for...

Must-Grab Crypto Airdrops This August 2024

Get Ready for Exciting Upcoming Crypto Airdrops! Prepare yourself for...

Trending Now: The 5 Best Tap-To-Earn Games Across the Globe

Earn Crypto with These Top 5 Tap-to-Earn Telegram Games The...

Rising Bitcoin Scam in Munich: Police Warn Against Fake Paper Wallets

The Bavarian State Criminal Police Office warns against Bitcoin...

You might also like
Recommended to you