- The OpenSea marketplace was not directly affected
- The scam website wasn’t very sophisticated and the losses seem to be minimal
According to chat records, the OpenSea Discord server was compromised by scammers early Friday.
Fake announcements of a partnership with YouTube led members of the OpenSea community to a phishing website as scammers tried to trick NFT connoisseurs into minting a new NFT (non-fungible token) series that doesn’t actually exist. Instead, transactions on the suspicious site authorized the transfer of NFTs from users’ wallets.
OpenSea confirmed the reports via their official Twitter support account.
The scam messages directed users to a suspicious website, YouTubeNFT.art, which domain records say was registered today with discount domain registrar NameCheap.
Members of the OpenSea Discord community quickly sounded the alarm, and moderators removed the offensive announcement channel and a compromised chatbot — but not before some users fell for the scam.
An obvious vulnerability in the server webhooks The connection was to blame, according to community members who also identified themselves the wallet address Receiving stolen NFTs. above $20,000 worth of NFTs were transferred to the wallet as of 10:00 AM ET, indicating the damage was limited.
According to OpenSea, fewer than 10 community members were affected.
Other recent attempts to steal NFTs from unsuspecting users have been more successful, including one last month that targeted NFT holders at Bored Ape Yacht Club and managed to scoop $10 million worth of tokens.
The post In Latest OpenSea Exploit, Hackers Target NFT Owners on Discord is not financial advice.
Source: Crypto News Austria