Cyber security company Check Point discovered a vulnerability on the NFT market Rarible and claimed that if exploited, they could have enabled a threat actor to steal the user’s NFT and crypto tokens in one transaction so let’s read more today’s latest crypto news.
The cyber security company revealed identifying a security flaw in the popular NFT market Rarible which boasts more than two million monthly active users. CPR stated that the flaw could have allowed the attacker to drain off a users’ NFT and crypto wallets in one transaction. Rarible is one of the most established marketplaces in the NFT space and reproted more than $273 million in trading volume for 2021. The CPR mentioned that the platform users are less suspicious and familiar when submitting transactions. The researchers also alerted Rarible of the discovery on April 5th after which the NFT platform acknowledged the flaw and fixed it. CPR noted:
“Victim receives a link to the malicious NFT or browses the marketplace and clicks on it. The Malicious NFT executes JavaScript code and attempts to send a setApprovalForAll request to the victim. Victim submits the request and grants full access to this NFT’s/Crypto Token to the attacker.”
CPR initially became intrigued by these types of cases after the Taiwanese singer Jay Chou became a victim of a cyber attack. The attackers stole Chou’s NFT and sold it for 0K later on.
buy super avana generic buy super avana online no prescription
The company also detected criticial security vulnerabilities on OpenSea which could have enabled the attackers to hijack the user accounts and steal entire crypto wallets by crafting malicious NFTs. It urged users to exercise caution while reviewing what is now requested. If the request seems abnormal or suspicious, they can reject it and inspect it further before providing more authorization. The development came a little over a month after Abritrum-based NFT market TreasureDAO saw hundreds of FNTs being stolen in an exploit and the malicious entities exploited the vulnerability in the protocol which enabled them to mint NFT tokens for free.
OpenSea’s front-end was also exploited at the start of the year and targeted Bored Ape Yacht Club holders while the attacker managed to steal around $750K worth of ETH.
As recently reported, Rarible added polygon NFT and multi-wallet support to its marketplace and it also supports Tezos, Flow, and Ethereum. The NFT marketplace protocol Rarible continues its multichain expansion and announced it implemented support for NFT assets minted on Polygon. The addition brings Rarible’s total platform count to cour with Polygon joining Tezos, Ethereum, and Flow.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post