Recent phishing attacks targeting NFT holders: OpenSea loses millions

254 tokens worth at least $1.7 million stolen in a phishing attack on OpenSea users

People lost $2 million worth of NFTs

Scammers managed to swindle NFTs from the popular OpenSea platform. It is reported that the attack took around three hours and resulted in these huge losses.^[1] Official work on the investigation. Attackers took advantage of the contract mitigation initiative and scammed their way with the phishing attack that resulted in swindling NFTs out of customers.^[2] OpenSea now investigates the phishing attack that left 17 of its users without NFTs worth almost $2 million.

Some hackers took advantage of the upgrade process and decided to scam NFT users by using the same email from OpenSea and resending it to the OpenSea victims

The Non Fungible token marketplace is the data stored on the blockchain, Ethereum mostly.^[3] People declare ownership of digital files, typically related to art, media files. OpenSea is considered one of the largest peer-to-peer NFT marketplaces in the world. The platform also allows trading rare digital items and cryptocurrency collectibles. It has a value of $13,3 billion currently.

The marketplace announced the rollout of contract migrations recently and upgraded to make rue inactive or old listings expire.^[4] This was the opportunity to allow OpenSea to offer better safety features in the future. It was set for February 18th to February 25th. Phishers took advantage of this to scam people.

Scammers look for ways to get profit various ways

NFT owners have received guides for the needed changes from OpenSea. The migration should have helped the marketplace to save altered listings, and any of the ones that were not migrated would be expired. Attackers took the chance to make money. Phishing emails were sent to users with claims about the upgrade of the contract systems.^[5]

Users were encouraged to prepare for migration, and emails included links to websites belonging to criminals. Users were urged to click on those links and sign malicious transactions crafted to look legitimate as the original OpenSea requests. Various research reports state that attackers created contracts prior to the transition and used a form of requests, so stealing all victim NFTs was easily manageable.

The wallet that researchers managed to link with the phishing attack contained over two million dollars after the selling of NFTs obtained in the phishing attack. Criminals were not waiting for anything, and it is revealed that at least 350 transactions were made from the wallet address. Deposits, withdrawals too, so the account at the time of discovery contained only $8,000.

Phishing campaigns continuously aimed at online banking and crypto accounts

Recently phishing attacks have made headlines because scammers manage to obtain large sums of money and cryptocurrency from users or even companies, get sensitive information from sources. These methods allow to release of emails with malicious links and redirect to controlled sites or even deliver malware on the targeted systems.

Another recent attack involving these methods affect Monzo users.^[6] This is one of the most popular UK digital-only banking platforms. Phishing messages were sent to customers. The campaign is still ongoing and targets users with the goal of stealing their accounts.

These attacks can often start with the SMS text message or email containing the link that the recipient is encouraged to click and interact with. Phishing sites often resemble official sites, display various forms where login credentials can be stolen or data like full names, phone numbers get obtained.