A New Opensea Bug That Enables Hackers To Get Discount Up to $1M On Leading NFTs. This bug was discovered early in December 2021.
This new bug on a non-fungible tokens marketplace, Open sea, has enabled three attackers to get a massive discount on some NFTs and let the hackers generate sufficient earnings.
Additionally, this bug was discovered as early as December 2021. That allows the hackers to purchase NFTs at the cheapest and lowest prices and sell them again in hefty profits.
Also, a blockchain analytics company, Elliptic, stated via blogpost that one hacker dubbed as Jepedgenlove submitted approx $133,000 for seven Non-fungible tokens, Before rapidly selling them for $934,000 in ether.
Then five hours after, this ether was transferred through Tornado Cash, which is a mixing service that is utilized to stop blockchain from monitoring of funds.”
Co-Founder, And Chief Scientist Of Elliptic’s Opinion:
The co-founder, and chief scientist of elliptic, Tom Robinson, said that :
“It’s a subjective thing whether you consider this to be a loophole or a bug, but the fact is that people are being forced into sales at a price they wouldn’t otherwise have accepted right now.”
How This New Opensea Bug Enables Hacker To Get These NFTs In Cheap Rates:
According to the Twitter thread, the reason behind this new OpenSea bug is clashing information present in Non-fungible Tokens smart contracts and the information provided by the Opensea user interface. The hackers utilize the advantage of the old contracts that remain on the blockchain. However, are no longer exist in the view provided by the Opensea application.
Moreover, the Opensea users set List prices or the potential buyers’ for selling their NFTs. As per the nature of the smart contracts, if the NFT purchaser accepts that price list, then NFT is automatically sent to them.
If the NFT holder wants to relist his NFT at high sale rates, then there is an accurate way, and that is the owners’ need to disable the initial price list, and for that, he has to pay the gas fees. That cost nearly tens or hundreds of dollars. Some users skirted around this by sending the NFT to another digital wallet.
This technique seemingly eliminates the listing from the data in the OpenSea front-end display. And the actual listing stays active on the blockchain and can be found on the OpenSea API.
Lastly, it is not clear that the nft marketplace, Opensea, treats the scenario as an open-security fault or due to the users’ flaw.
The News source is The Verge.
Please don’t forget to leave your comments and feedback. As well you can connect with us on our NFT based community on our social media accounts on Instagram, Facebook, and Twitter. Feel free to share your thoughts, and comments with us.
Disclaimer: We are not experts or financial advisors. Kindly, take your decisions at your own risk.