OpenSea suffers a phishing attack and steals NFTs worth more than 1.7 million dollars: this is how they hacked this great market

Dozens of users have been affected by an attack on OpenSea, one of the largest markets for NFTs. This happened during the early hours of February 20, and OpenSea has been working ever since to clarify the facts.

As they have been able to find out, it was a phishing attack that, in an approximate duration of three hours, was able to steal a total of 254 NFTs from OpenSea. The total sum of these digital works amounted to 1.7 million dollars.

A phishing attack on one of the largest markets for NFTs

After the attack, Devin Finzer, CEO and co-founder of OpenSea, wanted to explain the matter through Twitter, where he sheds some light on what happened. There he affirms that the attack is not connected to the OpenSea website, and that it affected a total of 32 users. However, OpenSea recently confirmed that the number of those affected was only 17, since the 32 also included those people who interacted with the attacker.

There are people who are buying the same NFT up to 25 times: this is how this way of inflating prices works

17 users signed a malicious payload, causing some of their NFTs to be stolen by the attacker. According to Finzer and also from OpenSea, there has been no other activity since then, and some of the stolen NFTs have already been recovered. So far, OpenSea has not detected any e-mail containing phishing and they have not been able to find out which web page made users sign with malicious code. In this case, Finzer insists that users must ensure that the domain they are interacting with is ‘’ and not another.

The most ironic thing about all this is that, every transaction made was obtained through validated signatures. However, none of these targeted the new Wyvern 2.3 contract, says Nadav Hollander, CTO of OpenSea. In this way, everything indicates that the attack was carried out before the migration to this new protocol.

In the total of the 254 NFTs, those from Decentraland and Bored Ape Yacht Club are included, according to what the security and analysis firm PeckShield has been able to compile through this document. Due to the nature of this system and thanks to Blockchain technology, anyone can access the attacker’s digital wallet, since it was from there that some of the stolen NFTs were sold. Users accessing the profile are warned that the NFTs were obtained by a phishing attack.