Cybersecurity Researchers helped fix security vulnerabilities on OpenSea NFT Marketplace which could have been exploited by attackers to hijack the cryptocurrency wallets .
Researchers at Check Point (CP) discovered critical security issues in one of the world's largest NFT markets after spotting reports of people claiming to have all their cryptos stolen after receiving a free gift on the platform.
"Such examples, as well as others that reported various scams within this marketplace prompted our researchers to research (and find!) vulnerabilities within the platform, which could have enabled crooks and hackers to hijack accounts and steal the crypto currencies digital wallets, share the CP researchers Dikla Barda, Roman Zaikin & Oded Vanunu in a joint blog post. TechRadar needs you!
We are looking at how our readers are using VPNs with streaming sites like Netflix so that we can improve our content and offer better advice. This survey will take no more than 60 seconds of your time, and we would be very grateful if you could share your experiences with us.
>> Click here to launch the survey in a new window <<
The researchers add that OpenSea answered their queries and collaborated with the researchers to help to block all attack vectors.
OpenSea allows quicon than to create art, in one of many popular multimedia formats, and sell it in its market.
Researchers used it to create SVG art with a malicious payload that allowed them to communicate with the platform's default cryptocurrency wallet, MetaMask.
Engadget reports that the attack was based on the inattention of the user. user and the fact that OpenSea already generates a lot of pop-ups. The attack worked by sending a malicious NFT to the victim, which when opened triggered several pop-ups, including one requesting access to the victim's cryptocurrency wallet.
“You should always be careful when receiving signature requests from your online wallet. Before approving a request; you need to carefully consider what is requested and determine if the request is abnormal or suspicious "users warn, advising utUsers to reject any request that even seems slightly suspicious.