OpenSea is implementing measures to curb a recent attack method that exploits the marketplace’s user interface flaws.
According to Elliptic, a user interface issue on OpenSea recently saw over $1M worth of NFTs purchased for very little, then resold at a higher price. At least three individuals exploited this issue and purchased eight NFTs for a drastically reduced price.
The security breach occurred when the perpetrators relisted an NFT at a new price without canceling the earlier listing. The price of the earlier listing was the price paid by the attackers, which was below the current prices. An OpenSea spokesperson said that the company is “actively reaching out to and reimbursing affected users.” They admitted that the user interface was “confusing,” which saw multiple users’ NFTs sell below their market value.
A Twitter user’s NFT sold for $1800, which was 99% below the floor price. The buyer took advantage and sold it for almost $200K, making a profit of $198,200.
OpenSea did not publicize UI issue
OpenSea has always used this user interface. But it recently caught hackers’ attention. OpenSea did not want the possibility of criminals becoming aware of the issue, so they didn’t highlight it initially. They wanted first to mitigate what they believed was “not an exploit or a bug- it’s an issue that arises because of the nature of the blockchain,” the spokesperson said. They added that user must cancel their own listing.
OpenSea takes the attack “incredibly seriously”
OpenSea is taking the issue “incredibly seriously,” They are working on improvements. One of these is a new listing’s manager that presents users to see their listings and possibly cancel them. Now, the duration of a listing will be one month instead of six months, so if an NFT is moved back into a wallet after six months, the listing would have expired.
When users transfer one NFT with an active listing out of their wallet, they ask them if they want to cancel it. OpenSea will also send the user an email if they have registered on OpenSea with it.
To cancel an offer to sell, one has to do an on-chain transaction, which many sellers want to avoid due to high gas fees on Ethereum. Thus, OpenSea users choose to move their NFTs to a different wallet.
What do you think about this subject? Write to us and tell us!
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.