OpenSea users reports lost NFTs amid ongoing phishing attack

After announcing scheduled upgrade to remove inactive NFTs, OpenSea has apparently fallen victim to a continuing phishing attack.
After announcing scheduled upgrade to remove inactive NFTs, OpenSea has apparently fallen victim to a continuing phishing attack.

Within hours of announcing a week-long scheduled upgrade to permanently remove inactive NFTs on the platform, major non fungible token (NFT) marketplace OpenSea has apparently fallen victim to a continuing phishing attack.

OpenSea released a smart contract upgrade only yesterday, requiring users to convert their posted NFTs from the Ethereum (ETH) blockchain to a new smart contract. Users that do not migrate from Ethereum risk losing their old, inactive listings, which presently do not require gas fees for conversion.

However, because of the urgency and short deadline, hackers had a brief moment of time. Within hours of OpenSea’s upgrade statement, various sources started reporting about an ongoing attack against the soon-to-be-delisted NFTs.

Further analysis indicated that the NFTs were stolen using phishing emails before being moved to OpenSea’s new smart contract. The attackers acquire access to the NFTs after a user allows the migration via the bogus email.

Users should be cautious of all emails from OpenSea and revoke all permissions related to the migration to the new smart contract.

32 OpenSea users have lost their NFTs

Devin Finzer, co-founder and CEO of OpenSea, confirmed that 32 users have lost their NFTs as a result of the phishing attack. While the NFT marketplace has yet to understand the continuing phishing attack, blockchain investigator Peckshield suspects a possible loss of user data (including email addresses) that is fueling the ongoing phishing attack.

“If you are concerned and want to protect yourself, you can un-approve access to your NFT collection,” Finzer said, urging affected consumers to contact the company.

As TheCoinRise reported, the biggest NFT marketplace OpenSea raised $300 million in Series C funding led by Coatue and Paradigm. The company aimed to use the fund for improving customer experience at the time.