An Unknown hacker stole a million-dollar NFT from Opensea users

Aloy continues to search for programs for the full functioning of the GEI. Let him lead her into the jungle,

Web3, the famous blockchain-based decentralized version of the World Wide Web that has collected most of the NFT market on one marketplace – Opensea, faced an unpleasant incident: over the weekend, it was discovered that some users’ e-wallets were hacked and the precious NFTs contained in them were stolen.

Alarms were raised when Opensea users began noticing that some NFTs, including Bored Ape Yacht Club and Mutant Ape Yacht Club, were missing from their wallets. Later it became known that, apparently, only one person was involved in the theft, at least criminal actions were carried out from one account.

We’re actively working with users whose items were stolen to narrow down a set of common websites that they interacted with that might have been responsible for the malicious signatures. Huge thanks to the users that hopped on the phone with us directly.

— Devin Finzer (dfinzer.eth) (@dfinzer) February 20, 2022

And this is all that is reliably known about what happened at the moment. How exactly the NFTs disappeared and how much damage the hacker caused to the users of the trading platform remains a mystery.

Opensea co-founder and CEO Devin Finser say the site is fine and that “as far as we can tell” those affected were the victims of a “phishing attack.”

Other users, however, do not share his confidence. Some victims claim they didn’t open any emails and that the only thing they have in common is that they manually migrated their collections to a new smart contract on the platform (this step was taken in order to “fix the problem with inactive ads, which allowed scammers to swindle valuable NFTs from collectors on OpenSea”).

HEY EVERYONE. I CONNECTED WITH A FEW OTHER PEOPLE WHO GOT HACKED JUST NOW.

ALL OF US ONLY HAVE ONE THING IN COMMON.
ALL OF OUR STOLEN NFT'S WERE ONES WE MANUALLY MIGRATED ON OPENSEA. @opensea you have so much explaining to do now.

— AlabasterJefferson (@AJFromDiscord) February 19, 2022

Also unknown is the exact value of the stolen. Estimates of the “cost” of damage among the victims themselves range from modest amounts to the ridiculous ($200 million). Finzer himself says: “The attacker has $1.7 million ETH in his wallet from the sale of some stolen NFTs.” An interesting fact is that the hacker was able to get the indicated amount by selling the stolen NFTs on the same Opensea.

And that is not all. For some unknown reason, the attacker not only stole the NFTs, but also gave some of them to other OpenSea users, and in some cases even returned them to their rightful owners. As reported in the Web 3 report:

“It was later revealed that the attacker successfully scammed 32 OpenSea users into signing a malicious contract that allowed the hacker to take the NFTs and then resell them. Ironically, he returned some of the NFTs to their original owners, and one victim inexplicably received 50 ETH ($130,000) from the attacker, as well as part of the stolen NFTs.“

Source: kotaku.com