Possible significant OpenSea exploit; high value NFTs stolen (opens in new tab)

(etherscan.io)

28 pointszydex4y ago17 comments

17 comments

13 comments · 5 top-level

darthrupert4y ago· 3 in thread

Yet nothing of value was lost. Weird.

ivanvanderbyl4y ago

Just wondering, how do you steal something that is non-fungible?

wrboyce4y ago

You mean like artwork?

baobabKoodaa4y ago

Can you explain the joke?

rvz4y ago· 2 in thread

Listen to the disaster in real time: https://twitter.com/0xBiZzy/status/1495199867152523265

Etherscan and revoke.cash are down. This is the web3 utopia hype they have been screaming about yet the centralized services they use (Etherscan) are going down, NFTs being stolen via a vulnerability in OpenSea and there is no way to get them back. Ha.

What a magnificent disaster.

sergiomattei4y ago

I’m listening to panicked people on the space suggest the use of different web apps to stop the exploit.

Can’t help but wonder… in the midst of the panic, are they even checking what these revoke websites contracts do? It’s too easy to social engineer something like this…

ecoeconomy4y ago

The decentralized aspect of blockchains is mostly smoke and mirrors. Moxy Marlinspike recently wrote a really good blog post about all the hidden central points of failure in the ecosystem but it doesn't look like anyone was paying any attention.

2 more replies

chizhik-pyzhik4y ago· 2 in thread

This appears to be a phishing attack: https://twitter.com/cyphreth/status/1495206957589925892 https://twitter.com/0xfoobar/status/1495208279210876930

Example attacker transaction: https://ethtx.info/mainnet/0x18c0b67adf306b7f0da948e238c1397...

We see that this tx performs 3 layers of delegation, whereas normally the opensea WyvernExchange contract needs 2 (user's proxy delegates action to WyvernAtomicizer, which performs the transfer.) In this case there's another layer: user proxy delegates to attacker contract 0xa2c0946ad444dccf990394c5cbe019a858a945bd, which then calls the Atomicizer to do a malicious transfer.

Kye4y ago

Even if it's a phish, the scale suggests a systemic issue. I doubt NFT people are that much more gullible than the average phishing victim.

aaaaaaaaata4y ago

By that logic, email phishing is a systemic issue — shut it all down!

1 more reply

cuteboy194y ago· 1 in thread

I think we should stop using normative terminology like "stealing" when talking about NFTs and stuff. Code is law and the code says it belongs to the hacker. Maybe "involuntary transfer" is a better phrase instead

zydexOP4y ago

I think I would agree in other cases but in this case it is likely it was a phishing attack in which OpenSea were impersonated to steal user signatures. I think if someone held a gun to a crypto owner's head and forced them to hand over their seed phrase then that should still be called theft. Entirely different scale but still an "involuntary transfer" within the code's "law".

Kye4y ago

While I'm no fan of cryptocurrency in general, it does seem like the space has plenty of people who understand security. The steady stream of high profile NFT hacks suggests none of them want to go near NFTs. If all the people NFTs are supposed to help won't touch them, and all the smart security people won't touch them, maybe there's a reason.

j / k navigate · click thread line to collapse

17 comments

13 comments · 5 top-level

darthrupert4y ago· 3 in thread

Yet nothing of value was lost. Weird.

ivanvanderbyl4y ago

Just wondering, how do you steal something that is non-fungible?

wrboyce4y ago

You mean like artwork?

baobabKoodaa4y ago

Can you explain the joke?

rvz4y ago· 2 in thread

Listen to the disaster in real time: https://twitter.com/0xBiZzy/status/1495199867152523265

What a magnificent disaster.

sergiomattei4y ago

I’m listening to panicked people on the space suggest the use of different web apps to stop the exploit.

Can’t help but wonder… in the midst of the panic, are they even checking what these revoke websites contracts do? It’s too easy to social engineer something like this…

ecoeconomy4y ago

2 more replies

chizhik-pyzhik4y ago· 2 in thread

This appears to be a phishing attack: https://twitter.com/cyphreth/status/1495206957589925892 https://twitter.com/0xfoobar/status/1495208279210876930

Example attacker transaction: https://ethtx.info/mainnet/0x18c0b67adf306b7f0da948e238c1397...

Kye4y ago

Even if it's a phish, the scale suggests a systemic issue. I doubt NFT people are that much more gullible than the average phishing victim.

aaaaaaaaata4y ago

By that logic, email phishing is a systemic issue — shut it all down!

1 more reply

cuteboy194y ago· 1 in thread

zydexOP4y ago

Kye4y ago

j / k navigate · click thread line to collapse