100s of titles, one news app for just $10 a month.
Dive Deeper:
Bored Ape Thefts on Instagram Are Crypto’s Latest Hack Headaches
When it comes to crypto hacks, the story is often the same: Scammers take advantage of a vulnerability in a…
NFTs: the great rush may be over – but are they in actual decline?
Jack Dorsey’s first tweet sold for $2.9m in 2021 then could not get past $14,000 at auction last month. But…
U.S. Sanctions Virtual Currency Mixer Tied to North Korea
The U.S. Treasury Department on Friday sanctioned Blender.io, a virtual currency mixer it said was tied to North Korea’s hacking…
Coinbase NFT Marketplace Sees Under 150 Users On Day One
The widely anticipated launch of Coinbase Global Inc’s (NASDAQ: COIN) NFT marketplace appears to have had an underwhelming first day.
One subscription that gives you access to news from hundreds of sites
A popular program for teaching kids to read just took another hit to its credibility
Reading Recovery is one of the world's most widely used reading intervention programs for young children. A new study questions…
Metaverse Land Just Sold For $129,600 (90,000 MANA) In Decentraland
What happened: Virtual land tokenized as an NFT just sold for $129,600, which is 24.74x the current floor price of…
Get all your news in one place
Latest Business news:
Russian oil's Achilles' heel: insurance
Russia has so far deflected much of the impact of sanctions on its oil trade but the insurance industry threatens…
Read news from The Economist, FT, Bloomberg and more, with one subscription
Learn More
Malaysian palm oil giant seeks to repair image after abuse claims
Sime Darby Plantation Berhad is fighting a US ban on its products after reported labour violations at its plantations.
Notorious Vietnamese hacker turns government cyber agent
Ho Chi Minh City (AFP) - At the height of his career, Vietnamese hacker Ngo Minh Hieu made a fortune…
India to limit sugar exports to meet domestic demand
India is restricting its sugar exports to 10 million tons in the current season to help maintain domestic availability and…
OECD chief sees global digital tax deal pushed back to 2024
The Organisation for Economic Cooperation and Development (OECD) on Tuesday acknowledged for the first time that a global digital tax…
From analysis to good news, read the world’s best news in one place
Shanghai: world's biggest port is returning to normal, but supply chains will get worse before they get better
Shanghai is slowly emerging from a gruelling COVID lockdown that has all but immobilised the city since March. Although Shanghai’s…
Hotels want to use NFTs to screw over travelers
Adding crypto to the travel industry will only make things less accessible and worse for the planet.

Popular NFT marketplace OpenSea Hit by Another Hack

By Rob Lenihan

OpenSea, the leading marketplace for nonfungible tokens, or NFTs, said Friday that it is "actively investigating" a breach of its main Discord channel. 

"Do not click links in our Discord," the company tweeted. "We are continuing to investigate this situation and will share information as we have it."

'Malicious Links'

The hackers posted a notice of a fake YouTube partnership announcement that included a link to a phishing site.

OpenSea said in a statement that "an attacker was able to post malicious links in several of our Discord channels."

"We noticed the malicious links soon after they were posted and took immediate steps to remedy the situation, including removing the malicious bots and accounts," the company said. "We also alerted our community via our Twitter support channel to not click any links in our Discord. We have not seen any new malicious posts since 4:30am ET."

The company said a preliminary investigation indicated the attack had "limited impact" 

"We are currently aware of fewer than 10 impacted wallets and stolen items amounting to less than 10 ETH," the statement said. "We continue to actively investigate this attack, and will keep our community apprised of any relevant new information. "

Ethereum prices were down about 2% to $2,701.54, at last check. 

'A Simple Phishing Attack'

Kate Kurbanova, Co-founder and COO of the risk management platform Apostro, said the OpenSea Discord hack is "a simple phishing attack, probably one of the admins got hacked or added a malicious bot by mistake--or even the bot itself was exploited."

"The malicious bot got admin rights to post in the announcement channel and posted links to the phishing website," she said. "It’s a pretty common vector of attack - the best way to prevent it is by securing admin accounts with 2FA (two-factor authentication) and similar practices, as well as monitoring all managing bots and rights once every couple of weeks.”

Hugo Lee, CEO of global digital asset management platform Haru Invest, said that “fast growth attracts hackers. With explosive growth of the NFT market last year, hacking issues are increasing, just like what the DeFi market experienced in 2020 and 2021. Hacking methods are changing too - from attacks on the Hot Wallet via Smart Contracts to hacking company’s email or discord and sending out phishing links.”

“With mass adoption of crypto and NFT on the way, organizations need to pay more attention in creating a secure environment for users," Lee said. "For DeFi and NFT companies, a 3rd party Smart Contract Audit or DeFi Audit should be considered."

For CeFi companies, he added, "protecting digital assets on the Hot Wallet is the priority - we could say that companies that use the Cold Wallet for asset management tend to be safer.

'Users Have to A Role to Play'

“Users have a role to play as well," Lee said. "Two factor authentication is a must and need to be aware of phishing links as they may activate Hot Wallet or set up smart contracts."

"Bruhh wen this hak will stop @elonmusk you should buy @discord too lol," commented one person, referring to Tesla  (TSLA Get Tesla Inc Report CEO Elon Musk's $44 billion deal to acquire Twitter  (TWTR Get Twitter, Inc. Report.

This is not the first time OpenSea is victim of a hack.

In February, OpenSea said it was investigating a scam targeting users of its NFT platform.

The hacker(s) stole several NFTs and had already sold a few for ethereum worth $1.7 million, according to CEO Devin Finzer.

OpenSea made Time Magazine's  (TIME)  list of the 100 Most Influential Companies in March.

OpenSea began accepting ApeCoin, the main token for the Bored Ape Yacht Club ecosystem and the main currency required in the metaverse game experience Otherside. 

In January, OpenSea raised $300 million in new venture funding, led by venture capital firms Paradigm and Coatue, valuing the company at $13.3 billion.

What is inkl?
The world’s most important news, from 100+ trusted global sources, in one place.
Morning Edition
Your daily
news overview

Morning Edition ensures you start your day well informed.

No paywalls, no clickbait, no ads
Enjoy beautiful reading

Content is only half the story. The world's best news experience is free from distraction: ad-free, clickbait-free, and beautifully designed.

Expert Curation
The news you need to know

Stories are ranked by proprietary algorithms based on importance and curated by real news journalists to ensure that you receive the most important stories as they break.

Dive Deeper:
Bored Ape Thefts on Instagram Are Crypto’s Latest Hack Headaches
When it comes to crypto hacks, the story is often the same: Scammers take advantage of a vulnerability in a…
NFTs: the great rush may be over – but are they in actual decline?
Jack Dorsey’s first tweet sold for $2.9m in 2021 then could not get past $14,000 at auction last month. But…
U.S. Sanctions Virtual Currency Mixer Tied to North Korea
The U.S. Treasury Department on Friday sanctioned Blender.io, a virtual currency mixer it said was tied to North Korea’s hacking…
Coinbase NFT Marketplace Sees Under 150 Users On Day One
The widely anticipated launch of Coinbase Global Inc’s (NASDAQ: COIN) NFT marketplace appears to have had an underwhelming first day.
One subscription that gives you access to news from hundreds of sites
A popular program for teaching kids to read just took another hit to its credibility
Reading Recovery is one of the world's most widely used reading intervention programs for young children. A new study questions…
Metaverse Land Just Sold For $129,600 (90,000 MANA) In Decentraland
What happened: Virtual land tokenized as an NFT just sold for $129,600, which is 24.74x the current floor price of…
Get all your news in one place