Header Ads Widget


Vulnerability in OpenSea brought the user 347 ETH

Vulnerability in OpenSea brought the user 347 ETH

Users of the NFT-marketplace OpenSea have been warned about a vulnerability that allows them to redeem high-value tokens at an undervalued price.

BREAKING: Everyone head to https://t.co/nRpSAHivfe and make sure all of your old listings are cancelled. There is currently an exploit on @opensea letting someone buy your NFTs for old listing prices. This is happening right now!!! - Hustler (@0xHustler) January 24, 2022

A user nicknamed jpegdegenlove has been caught exploiting an OpenSea API vulnerability on the Rarible platform. According to Etherscan, the scam earned him 347 ETH ($784,830 at the time of writing).

A user named jpegdegenlove on OpenSea is suspected of using the vulnerability to buy low and sell high, making a profit of more than 250 ETH. The NFTs involved include BAYC #9991, BAYC #8924, MAYC #4986, etc. https://t.co/H1IJiZkl2Z https://t.co/cc4djcIWEj pic.twitter.com/3aMpc6mI7H - Wu Blockchain (@WuBlockchain) January 24, 2022

On December 31, 2021, the founder of the freshdrops project pointed out the error and urged OpenSea to make a correction. According to him, delisting a token from the platform requires additional fees, the amount of which in some cases is quite large, given the reduction in the value of the collection. In an addendum to the track, the author pointed out that it is about the cost of gas.

1. OS doesn't charge a delisting fee, it's the cost of gas to remove the listing from the blockchain. OS is not pocketing ETH to delist an item. - cap10bad.ΞTH | freshdrops.io (@cap10bad) January 24, 2022

Users have found a way out - when NFT is transferred to a third-party wallet, it disappears from the marketplace listing. However, the token is available for purchase on Rarible via the OpenSea API at the old price if it is returned to the original wallet.

That said, freshdrops noted that this is not a bug on OpenSea's part per se. The problem, he said, is that "the NFT holder can't see these listings anywhere to cancel them."

4. This is not a bug, per se, on OS's part. The issue is that there is nowhere obvious for an NFT holder to see these listings to cancel them. IMHO, the obvious place they should be displayed is where the holder created the listing, on OS. - cap10bad.ΞTH | freshdrops.io (@cap10bad) January 24, 2022

Previously, the number of users who made at least one transaction on OpenSea exceeded 1 million.

From Jan. 1 to Jan. 17, 2022, the marketplace's trading volume reached $3.52 billion, marking a new high set in August 2021.


As a reminder, in September 2021, an OpenSea bug led to the destruction of 42 NFTs worth $100,000.

Subscribe to ForkLog news on VK!

Post a Comment