Another exploit on the biggest Ethereum NFT marketplace appears as OpenSea has reportedly been hacked. "Anonymous" has stolen numerous NFT pieces worth approximately 150 ETH and is currently selling them on another platform.
According to WuBlockchain, 8 NFT pieces were stolen, including Cool Cat NFTs numbered #9575, #7218, #3537, #1546 and Bored Ape Yacht Club pieces #6623, #1397, #775 and #2068. As Nftgo tracker suggests, the holding value of the anonymous user is currently at $117,000.
Someone exploited the OpenSea vulnerability for profit again. The NFTs involved are Cool Cat #9575 #7218 #3537 #1546 and BAYC #6623 #1397 #775 #2068, the profit is close to 150ETH. OpenSea is suspected of blocking his address, he is selling on LooksRare. https://t.co/0tN0k5lgBu pic.twitter.com/gWM1lrVWmX— Wu Blockchain (@WuBlockchain) January 28, 2022
The mentioned pieces are being sold on the LooksRare NFT marketplace that is often being presented as the main competitor of the OpenSea NFT platform that gives out rewards to both sellers and buyers.
Reportedly, OpenSea has prevented the anonymous hacker from selling on the platform by banning his address. The same procedure has been used after the anonymous hacker stole approximately $600 million from PolyNetwork. The wallet's address with stolen funds was blacklisted by the majority of exchanges that had enough liquidity for realizing funds.
Two vulnerabilities in one week
Unfortunately for NFT holders, the current exploit was not the first issue the NFT platform had with hackers as an anonymous user stole approximately 347 ETH by buying NFT pieces listed on OpenSea for a significantly cheaper price.
The root of the exploit was covered in the platform's API, which is used for third-party marketplaces that are willing to make profits off the fees.
In addition to the largest NFT marketplace having issues with security, previously implemented NFT profile pictures on Twitter can in fact be substituted by re-minting the same NFT out of the collection.