OpenSea, the world’s largest NFT marketplace place has been reportedly hacked for 332 ETH.
This was made known in a tweet by Peck Shield, a blockhchain security company that aims to elevate the security, privacy and usability of the entire blockchain ecosystem.
At today’s market price of $2,350 per Ether, this brings the dollar figure to $780,200.
The tweet reads, “It appears that @opensea has a front-end issue and the exploiter gained about 332 Ether.” The tweet came along with an Ether Scan transaction ID for the hack.
Details of the hack
A bug in the front end of OpenSea, one of the world’s biggest markets for Non-fungible Tokens (NFTs), is reportedly the cause of the hack, as it allowed users to buy popular NFTs at their previous listing price.
The bug seems to be prevalent with Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) NFT collectibles, where the exploiter managed to buy them at their old listing price and then sold them for the current market price. The affected NFTs include BAYC #9991, BAYC #8924, MAYC #4986.
A user named ‘jpegdegenlove’ is suspected of exploiting the current bug and has reportedly profited 332 Ether (ETH) ($780,000). OpenSea has made no comments on the matter.
This is not the first time OpenSea has experienced this kind of bugs as an earlier exploit on December 31st, 2021, saw a similar scenario, where a bug seems to arise from the transfer of assets from the OpenSea wallet to a different wallet without cancelling the listing.
What they are saying
One Twitter user, ‘cap10bad’ explained why the hack happened in a Twitter trend. He stated,
- “1/ Recently there’s been an @opensea exploit that has allowed for assets to be purchased at greatly discounted prices, including 3 freshdrops passes, a BAYC, multiple MAYCs, and more. I did some research this morning and here’s what’s happening.
- “2/ If an OS user lists an NFT for sale and later decides they don’t want that listing to be active anymore, OS will charge for delisting. This can be costly, especially if the price was lowered multiple times, so users have found a workaround -> transfer to another wallet.
- “3/ This effectively cancels the listing in OS and the user transfers the item back to the original wallet, no damage done right? Wrong.
- “4/ The item may not show the listing on OS, but it is in fact still active through OS’s API. The quickest way to view these old listings is on Rarible, which uses OS’s API to display and fulfill OS’s listings.
- “5/ The old, presumed cancelled, listing displays as active on Rarible and are fulfillable. An example of my X-Punk next I created a listing on OS, transferred to another wallet, and back. No listing is shown on OS. This is how it’s expected to work.
- “6/ However if you view the same asset on Rarible, you’ll see it’s listed for O.25 ETH, which is what I listed it at on OS before transferring!
- “7/ OS has been notified about this bug, but nothing has been done about it yet. Please be careful out there and you might want to go check your assets on Rarible before it’s too late!”
The user claimed that the bug was flagged after the December incident, but the platform didn’t take any measures to address the issue.
The NFT market has been exploding with OpenSea, seeing its monthly trade volume last week, in Ether (ETH) exceed $3.5 billion for the first time ever. According to data from Dune Analytics, OpenSea has now surpassed the all-time high of $3.42 billion set in August 2021 to establish a new all-time high. As of today, its trading volume currently stands at approximately $4.8 billion.
