Security team creates dashboard to detect potential NFT hacks in OpenSea

Published at: Feb. 22, 2023

A wallet security team released a real-time dashboard that lets community members detect, track and monitor potential nonfungible token (NFT) hacks using offline signatures in the OpenSea marketplace. 

According to the team behind crypto wallet ZenGo, they created an NFT hack detector using a simple method. This includes tracking realized NFT trades in the NFT marketplace and comparing the trade amount of the NFT collection’s floor price. If the ratio between the two trade values is suspiciously low, it will get flagged as a potential hack.

At the time of writing, the dashboard flagged almost $25 million worth of NFTs hacked through offline signatures. Tal Be’ery, the chief technology officer of ZenGo, also told Cointelegraph that this type of hack differs from others in two ways. 

First, this type of hack does not have a general way of showing the meaning of the messages users must sign. This means that users must “blindly trust” the message and “blindly sign them.“ In addition, Be’ery also explained that this type of hack involves platforms’ contracts and argued that platforms share some responsibilities in these cases.

Related: Here’s how to prevent NFT theft, according to industry professionals

When asked about potential solutions for this problem within the community, the wallet executive claimed there’s currently no good solution. He explained that:

“Users can use some proprietary browser extensions that give some visibility into some offline signatures, but does not cover all offline signatures and needs to be updated whenever a new form of offline signature is added.”

According to the ZenGo team, they’ve also started working with the Ethereum Foundation, various decentralized applications, and other wallets to support a draft Ethereum Improvement Proposal (EIP) that fixes the issue if implemented. Be’ery said:

“The EIP allows a contract to describe the exact meaning of the offline signature, such that the wallet app can display it to the user and then the user can make an informed decision on whether or not they want to sign the offline signature and don’t need to blindly sign.”

Similarly, the other entities within the community have also been issuing warnings over gasless transactions on OpenSea. On Dec. 23, anti-theft project Harpie warned the community about a private auction scam that threatens users of the NFT marketplace. The scam also involves blindly approving signatures.

Tags
Nft
Related Posts
North Korean hackers stealing NFTs using nearly 500 phishing domains
Hackers linked to North Korea’s Lazarus Group are reportedly behind a massive phishing campaign targeting non-fungible token (NFT) investors — utilizing nearly 500 phishing domains to dupe victims. Blockchain security firm SlowMist released a report on Dec. 24, revealing the tactics that North Korean Advanced Persistent Threat (APT) groups have used to part NFT investors from their NFTs, including decoy websites disguised as a variety of NFT-related platforms and projects. Examples of these fake websites include a site pretending to be a project associated with the World Cup, as well as sites that impersonate well-known NFT marketplaces such as OpenSea, …
Nft / Dec. 26, 2022
OpenSea Discord server hacked, users warned to be vigilant of phishing scams
Nonfungible token (NFT) marketplace OpenSea suffered a server breach on its main Discord channel, with hackers posting fake "Youtube partnership" announcements. A screenshot shared Friday shows fake collaboration news, accompanied by a link to a phishing site. OpenSea Support's official Twitter account tweeted that the marketplace's Discord server was breached Friday morning and warned users not to click links in the channel. Do not click links in our Discord. We are continuing to investigate this situation and will share information as we have it. https://t.co/jgtHcXifer — OpenSea Support (@opensea_support) May 6, 2022 The hacker's initial post, published in the announcements …
Blockchain / May 6, 2022
Crypto hacks are set to hit all-time highs in 2022, analyst explains
Reducing the amount of hacking by improving cybersecurity should be considered a top priority for the crypto industry, said Kim Grauer, director of research of blockchain intelligence firm Chainalysis. As pointed out by the firm, this year could outpace 2021 in terms of crypto stolen through hacks. The vast majority of these exploits have been targeting the field of decentralized finance. “This can't go on in the industry because people are going to lose faith in investing in DeFi platforms”, Grauer said in an interview with Cointelegraph. Unlike centralized exchanges, which have improved their resiliency to crypto hacks, decentralized protocols …
Blockchain / Oct. 19, 2022
BitKeep exploiter used phishing sites to lure in users: Report
The Bitkeep exploit that occurred on Dec. 26 used phishing sites to fool users into downloading fake wallets, according to a report by blockchain analytics provider OKLink. The report stated that the attacker set up several fake Bitkeep websites which contained an APK file that looked like version 7.2.9 of the Bitkeep wallet. When users “updated” their wallets by downloading the malicious file, their private keys or seed words were stolen and sent to the attacker. 【12-26 #BitKeep Hack Event Summary】 1/n According to OKLink data, the bitkeep theft involved 4 chains BSC, ETH, TRX, Polygon, OKLink included 50 hacker …
Ethereum / Dec. 26, 2022
5 sneaky tricks crypto phishing scammers used last year: SlowMist
Blockchain security firm SlowMist has highlighted five common phishing techniques crypto scammers used on victims in 2022, including malicious browser bookmarks, phony sales orders and trojan malware spread on messaging app Discord. It comes after the security firm recorded a total of 303 blockchain security incidents in the year, with 31.6% of these incidents caused by phishing, rug pull or other scams, according to a Jan. 9 SlowMist blockchain security report. Malicious browser bookmarks One of the phishing strategies makes use of bookmark managers, a feature in most modern browsers. SlowMist said scammers have been exploiting these to ultimately gain …
Blockchain / Jan. 10, 2023