Opensea NFT hack explain Thread
-
28 days ago the hacker uploads a new smart contract, he already knows well that his goal is to get as many signatures as possible
-
He starts sending emails with phising websites. They tell you to sign a message to login/migrate to the new Opensea smart contract
Instead you are signing a private sale (0 eth) of your NFTs to the hacker
- Today he executes the smart contract function to steal the NFTs before their listings expire
He can do that because he has your signatures stored on his server
- As a final note, always check what you are signing, because one click makes a difference.
You can revoke access to your NFTs from official Etherscan website:
https://etherscan.io/tokenapprovalchecker
📢 All this is what we believe to have happened, but the investigation is still ongoing
Details check this Twitter thread 🧵
https://twitter.com/isotile/status/1495234649970421760?s=21
Edit: JUST IN: Over $200M worth of NFTs reportedly stolen from OpenSea phishing hack
submitted by /u/Frognation777
[link] [comments]