Critical bug in world's largest NFT marketplace OpenSea found, firm fixes it

13-10-2021 Wed 17:38 IST | IANS | Technology

New Delhi, Oct 13 : Cyber-security researchers on Wednesday reported that world's largest NFT (non-fungible token) marketplace called OpenSea had compromised security which, if exploited, could have led hackers to hijack user accounts and steal entire crypto wallets of users, by sending malicious NFTs.

After seeing reports of stolen crypto wallets triggered by free airdropped NFTs, Check Point Research (CPR) investigated OpenSea, the world's largest NFT marketplace.

The investigation led to the discovery of critical security vulnerabilities on OpenSea's platform.

The team immediately disclosed findings to OpenSea, who went onto deploy a fix in less than one hour of disclosure.

OpenSea is known as the world's largest NFT marketplace, recording $3.4 billion in transaction volume in August alone.

"These attacks would have relied on users approving malicious activity through a third-party wallet provider by connecting their wallets and providing a signature for the malicious transaction," OpenSea said in a statement.

"We have been unable to identify any instances where this vulnerability was exploited but are coordinating directly with third-party wallets that integrate with our platform on how to help users better identify malicious signature requests, as well as other initiatives to help users' thwart scams and phishing attacks with greater efficacy," the company added.

NFTs allow people to buy and sell ownership of unique digital items in cryptocurrencies, and keep track of who owns them using the Blockchain. NFTs can technically contain anything digital, including drawings, artworks, tweets, animated GIFs, songs, or even video games.

The investigation of OpenSea was prompted by reports of free airdropped NFTs allegedly gifted to users.

The security researchers recommended that users must be careful when receiving requests to sign your wallet online.

"Given the sheer pace of innovation, there is an inherent challenge in securely integrating software applications and crypto markets," said Oded Vanunu, Head of Products Vulnerabilities Research at Check Point Software.

"We sternly warn the OpenSea community to watch out for suspicious activity that may lead to theft, as we believe bad actors will continue to expand their efforts, in order to hijack crypto wallets while exploiting system vulnerabilities," Vanunu added.


More News
UNESCO prize for world-acclaimed Kung Fu Nuns
23 minutes ago
PM Modi to inaugurate Kushinagar Int'l Airport today
1 hour ago
Facebook to pay $4.79mn fine for discriminating in favour of foreigners against US citizens
2 hours ago
Google launches Pixel 6, Pixel 6 Pro with Tensor chipset
2 hours ago
Hetero Chairman announces 5 kg gold for Yadadri temple
9 hours ago
YSRCP denies involvement in attacks on TDP offices
9 hours ago
Yadadri temple needs 125 kg gold, KCR to donate 1 kg
9 hours ago
'Bigg Boss 15': Housemates banished to the jungle for not following rules
10 hours ago
Nagarjuna to lock horns with Telugu biggies during Sankranti 2022
10 hours ago
6 kg gold seized at Hyderabad Airport
11 hours ago
MAA elections: Manchu Manoj responds to Ram Gopal Varma's barb
12 hours ago
Sindhu makes winning return at Denmark Open
12 hours ago
NASA's Perseverance rover captures sounds on Mars
13 hours ago
India will produce the cheapest hydrogen in the world: Gautam Adani
13 hours ago
'Pak playing T-20 in J&K': Owaisi slams Modi govt over match
13 hours ago
Fed up with looking after ailing husband, Kerala wife slits his throat
14 hours ago
'Bigg Boss Telugu 5': VJ Sunny catches Nagarjuna's eye, riles housemates
14 hours ago
Harbhajan, Srinath get MCC's honorary life membership
14 hours ago
Trump's presidential website hacked, defaced: Report
15 hours ago
Exclusion of caste data as unjust as discrimination: Chandrababu Naidu
15 hours ago
Malala Yousafzai asks Afghan Taliban to reopen girl schools
16 hours ago
The best time to apply body lotion?
17 hours ago
Massive supply gap in hiring Data Science talent in India: Study
17 hours ago
BJP, Congress colluding in Huzurabad by-poll: KTR
17 hours ago
Telugu OTT platform to rope in Samantha for next venture
18 hours ago
TRS leaders to study organisational structure of DMK, AIADMK
18 hours ago
Prez Kovind, PM Modi convey Eid greetings to nation
19 hours ago
Global cues, positive macros push equities higher for 8th day in row
19 hours ago
Apple showcases Indian-origin women techies' power on the world stage
19 hours ago
Governors, CMs of Telugu states greet Muslims on Eid-e-Milad
19 hours ago