The Discord channel for OpenSea, the largest NFT marketplace in the world, has exposed its users to a phishing attempt. The NFT marketplace joins the increasing list of NFT communities that have exposed their users to attack.
In this instance, a bot published a phoney statement about OpenSea working with YouTube, along with a few follow-up messages, luring visitors to click a “YouTube Genesis Mint Pass” link to get one of 100 free NFTs with “crazy usefulness” before they were gone forever. PeckShield, a business that monitors blockchain security, identified the URL as a malicious one.
Up to $18,000 Was Stolen
While the messages and phishing site are no longer accessible, one individual who reported losing NFTs in the event identified this address on the blockchain as belonging to the attacker, providing more information on the incident. This identity has been blocked on OpenSea’s website, but accessing it through a different NFT marketplace shows that more than thirteen NFTs were transferred to it from five sources during the period of the attack. They have also been reported on OpenSea for “strange behaviour” and, based on the prices at which they were most recently sold, look to be worth somewhat more than $18,000.
This form of attack, in which fraudsters take advantage of NFT traders seeking to profit from “airdrops,” has grown widespread among important Web3 groups. In addition to the urge to acquire uncommon things, there is the understanding that waiting might make the production of NFTs slower and more expensive.
Official Statement from OpenSea
OpenSea spokesperson Allie Mack confirmed the issue in a statement to The Verge, stating, “Last night, an attacker was able to publish malicious links in numerous of our Discord channels.
We became aware of the harmful links shortly after they were uploaded and took quick action to rectify the problem, which included eliminating the malicious bots and accounts. We also notified our users via our Twitter help channel not to click on any links in Discord. Since 4:30 a.m. Eastern Time, we have not observed any new fraudulent postings.” “We will continue to carefully investigate this assault and will keep our community informed as new information becomes available.”