See More

OpenSea Plans on Reimbursing Victims of Faulty Listing Attacks

2 mins
Updated by Ryan James
Join our Trading Community on Telegram

In Brief

  • OpenSea is looking to reimburse users following an attack that saw over $1M lost.
  • The attackers exploited users’ propensity to transfer NFTs to another wallet instead of delisting them.
  • The issue was not made public because OpenSea didn’t want criminals to exploit the issue before adequate safety measures were put in place.
  • promo

OpenSea is implementing measures to curb a recent attack method that exploits the marketplace’s user interface flaws.

According to Elliptic, a user interface issue on OpenSea recently saw over $1M worth of NFTs purchased for very little, then resold at a higher price. At least three individuals exploited this issue and purchased eight NFTs for a drastically reduced price.

The security breach occurred when the perpetrators relisted an NFT at a new price without canceling the earlier listing. The price of the earlier listing was the price paid by the attackers, which was below the current prices. An OpenSea spokesperson said that the company is “actively reaching out to and reimbursing affected users.” They admitted that the user interface was “confusing,” which saw multiple users’ NFTs sell below their market value.

A Twitter user’s NFT sold for $1800, which was 99% below the floor price. The buyer took advantage and sold it for almost $200K, making a profit of $198,200.

OpenSea did not publicize UI issue

OpenSea has always used this user interface. But it recently caught hackers’ attention. OpenSea did not want the possibility of criminals becoming aware of the issue, so they didn’t highlight it initially. They wanted first to mitigate what they believed was “not an exploit or a bug- it’s an issue that arises because of the nature of the blockchain,” the spokesperson said. They added that user must cancel their own listing.

OpenSea takes the attack “incredibly seriously”

OpenSea is taking the issue “incredibly seriously,” They are working on improvements. One of these is a new listing’s manager that presents users to see their listings and possibly cancel them. Now, the duration of a listing will be one month instead of six months, so if an NFT is moved back into a wallet after six months, the listing would have expired.

When users transfer one NFT with an active listing out of their wallet, they ask them if they want to cancel it. OpenSea will also send the user an email if they have registered on OpenSea with it.

To cancel an offer to sell, one has to do an on-chain transaction, which many sellers want to avoid due to high gas fees on Ethereum. Thus, OpenSea users choose to move their NFTs to a different wallet.

What do you think about this subject? Write to us and tell us!

Top crypto platforms in the US | April 2024
Coinbase Coinbase Explore →
AlgosOne AlgosOne Explore →
Chain GPT Chain GPT Explore →
iTrustCapital iTrustCapital Explore →

Trusted

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

David-Thomas.jpg
David Thomas
David Thomas graduated from the University of Kwa-Zulu Natal in Durban, South Africa, with an Honors degree in electronic engineering. He worked as an engineer for eight years, developing software for industrial processes at South African automation specialist Autotronix (Pty) Ltd., mining control systems for AngloGold Ashanti, and consumer products at Inhep Digital Security, a domestic security company wholly owned by Swedish conglomerate Assa Abloy. He has experience writing software in C,...
READ FULL BIO
Sponsored
Sponsored