OpenSea Hacker Steals Mass Amounts of Ethereum

OpenSea is experiencing a live hack right now and the leading hypothesis is that it is a phishing hack according to security experts.

The hacker is using a helper contract deployed 30 days ago, to call an OS contract deployed 4 years ago, with valid atomicMatch() data.

Likely a signature phishing attack from several weeks back, the attacker is exploiting now before all listings expire.

OpenSea Hacker Steals Mass Amounts of Ethereum

The only relation to OS’ new V2 deployment is that these listing phishings will expire in six days, so the hacker is acting now to steal items listed on the V1 marketplace.


PHISHING EMAIL

Pictured below is the email that the hacker has been sending out in order to receive access to user’s OpenSea accounts.

OpenSea Hacker Steals Mass Amounts of Ethereum

Users authorize the “migration” as instructed in the phishing email and the authorization unfortunately allows the hacker to steal the NFTs.

OpenSea is already working on patching the error, but in the meantime all OpenSea users should revoke access from outside sites and transfer NFTs to new wallets.

Share this below.