How much was stolen in the OpenSea NFT hack? There is so much confusion and misinformation around the OpenSea hack. It’s incredible.
OpenSea confirmed an estimated $1.7 million worth of NFTs stolen in a hack on Saturday. The phishing attack exploited the smart-contract code used in NFTs, the platform believes. Crypto-related hacks are on the rise, with the $320 million solana wormhole attack an example.
people really WANT to believe #opensea is innocent and this was a #phishing attack…. it was NOT a phishing attack. It was an #EXPLOIT of opensea.
All the phishing in the world wouldn’t have allowed this hack to happen. This was as a result of poorly written code for OpenSea.
When people insist it was a phishing hack, they let opensea off the hook – and that is not okay.
The CTO of OpenSea is speaking at ETHDenver when suddenly rumors of a hack start spreading.
Moreover, people start leaving the conference to check their NFTs and see what is going on.
Looking at the OpenSea hack/phishing scam evidence on chain (despite etherscan problems with unfortunately timed maintenance hours).
1) Hacker was planning this a while ago, I think as early as May 2021.
2) they had bad OpSec and I was able to identify multiple exchanges that could have KYC on them.
3) They did a lot of testing on-chain and the evidence is there with multiple wallets minting multiple NFTs as they practiced signature glitching.
4) the exploit contract seems to rely on the victims doing a no-gas transaction signature on a fake website that sets up a $0 private listing of their NFTs that only hacker can buy.
5) Increasing evidence points to an isolated incident. To social engineering victims. Who click a suspicious link and sign the tx.
6) questions still remain: why does OpenSea accept tx signatures it didn’t create? Lastly, is there a technical problem with that? Among other Qs.
