Bitcoin
$62,657.14-2.30%
Ethereum
$3,206.14-3.07%
Binance Coin
$593.59-1.44%
Solana
$136.45-5.27%
XRP
$0.50778909-2.98%
Dogecoin
$0.14500472-3.57%
Toncoin
$5.35-2.46%
Cardano
$0.45571857-4.35%
Shiba Inu
$0.00002387-4.63%
Avalanche
$33.63-4.46%
Tron
$0.12052967+0.01%
Wrapped Bitcoin
$62,756.83-2.53%
PlayIconNav
Crypto Prices CoinDesk 20 Index CoinDesk 20 Index
Countdown to Consensus 2024The largest and longest running event that covers all sides of Crypto and Web 3
30
DAYS
08
HR
29
MIN
42
SEC
Finance

OpenSea Says It Patched an NFT Phishing Vulnerability

The NFT marketplace said it fixed the loophole as soon as it was notified by a security firm and no accounts were compromised.

By Will Gottsegen
AccessTimeIconOct 13, 2021 at 8:58 p.m. UTC
Updated May 11, 2023 at 5:46 p.m. UTC
OpenSea NFT marketplace
OpenSea NFT marketplace
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

OpenSea, a popular marketplace for non-fungible tokens, has closed an NFT phishing loophole discovered by Check Point Research, a division of publicly traded security firm Check Point Software Technologies.

  • Check Point wrote about the discovery in a blog post on Wednesday and outlined the scam in a video, saying that clicking pop-ups associated with malicious, airdropped NFTs could have provided access to customers’ wallets.
  • The company said that it notified OpenSea of the vulnerability on Sept. 26 and that OpenSea fixed the issue and verified the fix within an hour.
  • “It’s important to note had an attacker attempted to take advantage of this flaw, the end user would have needed to approve the malicious transaction through a wallet signature,” OpenSea wrote in its own blog post about the issue on Wednesday. It said it hadn’t been able to identify any instances where the vulnerability was exploited.
  • The phishing attack is a common tactic in the world of NFTs – thieves will send fishy tokens to public addresses on the Ethereum blockchain and wait for users to interact with them.
  • Scams are still pervasive on the platform, and throughout crypto in general, as CoinDesk outlined in this piece on NFT phishing schemes.
VolumeMuteUnmute

What's Driving the Resurgence of the Ronin Blockchain?

  • Why USDT Dominates Supply With Lower Transaction Volume
    01:11
    Why USDT Dominates Supply With Lower Transaction Volume
  • ARK Sells Last of Its ProShares Bitcoin Futures ETF Shares; Consensys Files Lawsuit Against the SEC
    02:03
    ARK Sells Last of Its ProShares Bitcoin Futures ETF Shares; Consensys Files Lawsuit Against the SEC
  • Bitcoin Was 'Much More International,' Kara Swisher Says
    01:15
    Bitcoin Was 'Much More International,' Kara Swisher Says
  • Morgan Stanley May Allow Brokers to Pitch Bitcoin ETFs; 'Buy Bitcoin' Sign Auctioned for Over $1M
    01:55
    Morgan Stanley May Allow Brokers to Pitch Bitcoin ETFs; 'Buy Bitcoin' Sign Auctioned for Over $1M

    • Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

    Will Gottsegen
    Will Gottsegen

    Will Gottsegen was CoinDesk's media and culture reporter.

    Follow @lil_smush on Twitter

    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.

    Read more about
    OpenSeaScamsNFTs