Monday, October 25, 2021
News

Critical bug in world's largest NFT marketplace OpenSea found, firm fixes it

   SocialTwist Tell-a-Friend    Print this Page   COMMENT

New Delhi | Wednesday, 2021 10:45:06 PM IST
Cyber-security researchers on Wednesday reported that world's largest NFT (non-fungible token) marketplace called OpenSea had compromised security which, if exploited, could have led hackers to hijack user accounts and steal entire crypto wallets of users, by sending malicious NFTs.

After seeing reports of stolen crypto wallets triggered by free airdropped NFTs, Check Point Research (CPR) investigated OpenSea, the world's largest NFT marketplace.

The investigation led to the discovery of critical security vulnerabilities on OpenSea's platform.

The team immediately disclosed findings to OpenSea, who went onto deploy a fix in less than one hour of disclosure.

OpenSea is known as the world's largest NFT marketplace, recording $3.4 billion in transaction volume in August alone.

"These attacks would have relied on users approving malicious activity through a third-party wallet provider by connecting their wallets and providing a signature for the malicious transaction," OpenSea said in a statement.

"We have been unable to identify any instances where this vulnerability was exploited but are coordinating directly with third-party wallets that integrate with our platform on how to help users better identify malicious signature requests, as well as other initiatives to help users' thwart scams and phishing attacks with greater efficacy," the company added.

NFTs allow people to buy and sell ownership of unique digital items in cryptocurrencies, and keep track of who owns them using the Blockchain. NFTs can technically contain anything digital, including drawings, artworks, tweets, animated GIFs, songs, or even video games.

The investigation of OpenSea was prompted by reports of free airdropped NFTs allegedly gifted to users.

The security researchers recommended that users must be careful when receiving requests to sign your wallet online.

"Given the sheer pace of innovation, there is an inherent challenge in securely integrating software applications and crypto markets," said Oded Vanunu, Head of Products Vulnerabilities Research at Check Point Software.

"We sternly warn the OpenSea community to watch out for suspicious activity that may lead to theft, as we believe bad actors will continue to expand their efforts, in order to hijack crypto wallets while exploiting system vulnerabilities," Vanunu added.

--IANS na/vd

( 362 Words)

2021-10-13-16:38:05 (IANS)

 
  LATEST COMMENTS ()
POST YOUR COMMENT
Comments Not Available
 
POST YOUR COMMENT
 
 
TRENDING TOPICS
 
 
CITY NEWS
MORE CITIES
 
 
 
MORE SCIENCE NEWS
Why asteroid Bennu's surface is rocky?...
iQOO to update its entire portfolio to A...
Apple iPhone 13 mini packs a powerful pu...
Tesla hikes prices across its popular EV...
Study finds climate change lowers nutrit...
MacBook Air 2022 may be the first to fea...
More...
 
INDIA WORLD ASIA
IMD predicts partly cloudy day for Delhi...
India has potential to become 'content s...
India reports 14,306 new COVID-19 cases ...
Puducherry govt allows sale of firecrack...
Man arrested at Delhi airport for smuggl...
SC asks Centre to put NEET-PG counsellin...
More...    
 
 Top Stories
Afghanistan's U-23 football team mi... 
Kerala reports 6,664 new COVID-19 ... 
Sri Lanka name three uncapped playe... 
Uttarakhand CM to form high-powered... 
NEET-PG counselling will not start ... 
TN truck operators want fuel prices... 
No clarity on 'Virata Parvam', 'Dri... 
Vatican directs TN Catholic priests...