A critical vulnerability in OpenSea, the world’s largest non-fungible token (NFT) marketplace, could’ve been abused by malicious actors. This would allow them to take money from someone by giving them a token that is specially made to get the money out of their account.
What Are NFTs?
Check Point Research, a cybersecurity company, found that NFTs can be used to steal cryptocurrency wallets. The people who were responsible for the issue fixed it within less than an hour on September 26th.
NFTs are digital assets such as photos, videos, and audio. They can be traded and sold on the blockchain if you use it to prove that they belong to you.
This attack relies on sending victims a malicious NFT. When somebody clicks the NFT, they will be able to take control of another person’s account. Users should be careful about these kinds of things when dealing with other people’s accounts.
OpenSea’s Working with Third-Party Wallet Services
OpenSea says that it hasn’t found any cases of this vulnerability being exploited in the wild, but is working with other companies to help users better identify malicious requests for signatures.
Blockchain innovation is happening quickly. NFTs are also here to stay. There are too many new innovations that there may be challenges with securely incorporating software applications and crypto markets. Bad actors are starting to take advantage of this now because there aren’t enough security measures in place yet.