OpenSea Phishing Attack Sees at Least $3 Million Worth of NFTs Stolen

By José Oramas February 22, 2022 In Crypto News, Hackers, NFTs

At least US$3 million worth of non-fungible tokens (NFTs) have been stolen in a phishing attack targeting dozens of users of the decentralised marketplace OpenSea.

Attack Unrelated to OpenSea Platform, Says Co-Founder

In a tweet, OpenSea’s CEO Devin Finzer said that the attack wasn’t related in any way to the OpenSea website. Rather, it was a phishing attack in which at least 32 users were tricked into signing a migration authorisation that sent their NFTs to the hacker’s wallet.

As far as we can tell, this is a phishing attack. We don’t believe it’s connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen.

On February 19, OpenSea announced a smart-contract upgrade that requires users to migrate their NFTs from the Ethereum blockchain to the new set of smart contracts. Failing to do so leaves their old NFT listings inactive.

But four weeks ago, the hackers deployed a smart contract on Etherscan with the goal of collecting as many signatures as possible from OpenSea users. The OpenSea smart-contract update came at the perfect time for the hackers, as the short deadline of the upgrade gave them a small window of opportunity to deceive users.

The hackers started sending phishing emails to trick users into signing a message that supposedly migrated their NFTs to the new OpenSea smart contract, but the destination was instead someone else’s wallet:

https://twitter.com/0xfoobar/status/1495208279210876930?s=20&t=jZ_w70hvBaEq5VlnspE2xg

Always Double-Check What You’re Signing

After the attack, Finzer warned OpenSea users to always double-check what they’re signing. Affected users are currently dealing with OpenSea Support to investigate the attack.

OpenSea has been in hot water recently due to continuous attacks and bugs found on the platform. On January 4, the platform had to freeze 16 Bored Apes worth US$2.2 million that had been stolen in a phishing attack.

Just a few weeks later, hackers found a bug on the OpenSea platform that allowed them to purchase NFTs at well below market value.

José is a journalist and translator with a keen interest in blockchain and cryptocurrencies.
