In the past several years, scammers and hackers have repeatedly attacked the crypto industry, with many ill perpetrators recently shifting their target to the nascent non-fungible token sector.
But fortunately, after several weeks of deep investigation, the anti-theft crypto project Harpie has revealed a new scam trick, terrorizing OpenSea NFT marketplace users in the past couple of years.
In a December 23 announcement, Harpie has raised the alarm over the new hack trick involving gasless sales on the OpenSea market platform. According to the cyber security firm, the scam trick has left many users losing millions in digital assets.
Hackers have been able to steal NFTs like magic with a little-known OpenSea feature. It's the newest hack, and multiple millions in Apes have been lost to it already.
(1/4) pic.twitter.com/fTK20WQrgh
— Harpie (@harpieio) December 22, 2022
The NFT Scam Trick Unmasked
After conducting in-depth investigations, the digital assets of the anti-theft firm has revealed that scammers have been stealing million in crypto and NFTs by exploiting the vulnerability in the OpenSea gasless platform.
According to Harpie security firm, many users are tempted to conduct gasless transactions within the OpenSea platform, which requires users to approve their signatures with an unreadable message.
Moreover, the OpenSea gasless feature allows users to create private actions with unreadable signatures. Because of that, scammers have been using this tool to ask users to sign one of their unreadable messages.
It’s worth noting that the login messages are signature requests to conduct a private sale of the victim’s NFT to the scammer for 0 Ether. If signed, hackers are now able to drain assets from the victim.
More NFT Scam Trick Revealed
The scam revelation appeared a few days after another blockchain security company ‘Certik’ unmasked a similar scam trick involving “ice phishing. According to Certik, scammers lure metaverse users to sign into permissions, eventually allowing attackers to steal their digital assets.
Last week, a cyber detective and analyst narrated how a scammer used the gas-less Seaport signature to steal 14 Bored Ape NFTs worth more than $1 million. According to the analyst, the hacker directed the victim to a fake NFT platform before asking the holder to sign a contract.
Related
- Scammer Steals BAYC NFTs Worth Over $1M From Crypto Investor, Here’s What Happened
- SudoRare’s Developers Steal Over $800K In A Rug Pull Scam
Wall Street Memes (WSM) - Newest Meme Coin
- Community of 1 Million Followers
- Experienced NFT Project Founders
- Listed On OKX
- Staking Rewards