Hacker Exploits OpenSea Bug That Undervalue NFTs To Buy And Flip Bored Apes

Share This Post

Scammers appear to be taking advantage of an OpenSea bug in order to purchase valuable NFTs at a considerably cheaper price than their current listing.

Several researchers and developers have detailed the ongoing problem, with some claiming that specific NFTs worth hundreds of thousands of dollars have been stolen by exploiting the platform’s bug.

OpenSea Bug Opens Platform To Hack

According to reports, a fault in the front end of prominent nonfungible token (NFT) marketplace OpenSea has resulted in an exploit that allows users to acquire popular NFTs at their prior listing price.

The issue appears to be prevalent with Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) NFT collectibles, where the exploiter was able to purchase them for their original listing price and subsequently sell them for the current market price. BAYC #9991, BAYC #8924, and MAYC #4986 are among the affected NFTs.

The hack was brought to light after NFT collector “TBALLER” tweeted that their rare Bored Ape #9991 sold for a pittance of.77 ETH, or $1,775 early Monday morning.

The buyer, who goes by “jpegdegenlove,” flipped the ape NFT almost immediately for 84.2 ETH, or roughly $200,000. The user has been able to flip about 332ETH ($754,000).

Reported exploiter Ether wallet balance Source: Etherscan

PekShieldAlert — the popular security firm PeckShield’s real-time alerts bot – alerted of an OpenSea front-end flaw earlier today, noting that the exploited had already obtained 332 ETH worth around $750K at the time.

According to cryptocurrency analysis firm Elliptic, at leaOpenSeast three attackers have purchased NFTs with a total market worth of slightly more than $1 million utilizing the weakness since Monday morning. “By exploiting this flaw, one attacker today paid a total of $133,000 for seven NFTs—before quickly selling them on for $934,000,” the firm’s blog read.

In a Twitter thread, Rotem Yakir, a developer at the decentralized money business Orbs.com, explained the vulnerability. People who relisted their NFTs without canceling them and then sold them at a higher price could have them bought at a cheaper price through the glitch, according to Yakir.

Earlier today, security researcher Tal Be’ery corroborated Elliptic and Yakir’s discovery by displaying data from the Ethereum blockchain confirming that Bored Ape Yacht Club #8274 was purchased in July for $50,500 (22.9 ETH) and resold for about $296,000. (130 ETH).

Related article | What Went Wrong In The Crypto.com (CRO) Hack? Experts Weigh In

This Exploit Is Not New

An earlier exploit on December 31 witnessed a similar scenario, in which a problem appeared to come from the transfer of assets from the OpenSea wallet to a separate wallet without the listing being cancelled.

According to one user, if someone using OpenSea put an NFT for sale and later decided they didn’t want that ad to remain active, the platform would charge for its removal. This, however, can be pricey, therefore users devised a workaround where they transferred the NFT to another wallet, thereby canceling the listing.

OpenSea didn’t address the issue when it was reported.

Related article | BitMart Leaves Users On Read As Victims Of Hack Await Refunds

Users can see if their listing has been removed from Rarible, another NFT marketplace that makes use of OpenSea’s API. According to the user, the flaw was reported after the December occurrence, but no action was taken to resolve it.

Opensea BUG ETH

ETH/USD hovers above $2,400. Source: TradingView

It’s worth noting that this problem arose as a result of the intended design of OpenSea, a centralized service that uses decentralized coins. It’s difficult to classify this as a hack or even a bug. OpenSea informs consumers that this is how its service works, which has resulted in numerous scams. The OpenSea bug shows that it is a sloppy marketplace, and if users aren’t cautious to follow proper practices, they may be exploited by more savvy users.

Whether the OpenSea bug is  being treated as an open security flaw or a result of user error is currently unclear.

Featured image from Unsplash, chart from TradingView.com and Etherscan
Read Entire Article
spot_img
- Advertisement -spot_img

Related Posts

AI, Blockchain Integration Can Boost Trust, Prevent Misuse, Expert Says

Integrating AI with blockchain can enhance AI’s trustworthiness and revolutionize various sectors AI Developers Should Prioritize User Control Stacey Engle, co-founder and CEO of Twin Protocol,

Dogecoin ATH Incoming? Analyst Issues 2-Day Price Forecast

Crypto analyst Master Kenobi has made a bold two-day prediction for the Dogecoin price, stating that it will hit a new all-time high (ATH) in the next two days The analyst highlighted Dogecoin’s

Optimism Grows for Solana ETF Approval Amidst Changing Market Dynamics

The post Optimism Grows for Solana ETF Approval Amidst Changing Market Dynamics appeared first on Coinpedia Fintech News As the regulatory and market dynamics change in favor of digital asset

Ripple CEO Reacts To Trump’s Billionaire Treasury Secretary Nominee

After weeks of intense speculation, incoming US President Donald Trump has named Scott Bessent his Treasury Secretary pick The drawn-out selection process has attracted many popular names, including

Flat Tax Frenzy: Americans Debate Tax Code Overhaul on X

Conversations about adopting a flat tax in the United States are lighting up the social media platform X 16 Million Words Too Many Department of Government Efficiency Sparks Flat Tax Debate The

Bitcoin Rally Benefits From US Buyers – Coinbase Premium Gap Reveals Strong Demand

Bitcoin has surged past the $99,800 mark, setting another all-time high as it inches closer to the psychological $100,000 milestone Despite briefly testing the level, BTC has yet to break through,