Over the weekend, at least thirty-two users on OpenSea (considered the largest NFT marketplace) lost NFTs.

According to The Verge, most of the phishing attacks occurred between 5 PM and 8 PM Eastern on Saturday. Approximately 254 tokens were removed from wallets if they were purchased on OpenSea. Their total value is more than $1.7 million based on Ethereum, which the fraudsters obtained by selling the NFTs they obtained.

Devin Finzer, CEO of OpenSea, wrote on Twitter: “I know you’re all worried. We’re running an all hands on deck investigation, but I want to take a minute to share the facts as I see them: as far as we can tell, this is a phishing attack. We don’t believe it’s connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen. The attack doesn’t appear to be active at this point — we haven’t seen any malicious activity from the attacker’s account in 2 hours. Some of the NFTs have been returned. We are not aware of any recent phishing emails that have been sent to users, but at this time, we do not know which website was tricking users into maliciously signing messages.”

The NFTs are risky because there’s always the chance of getting away with them. The creator of the Evolved Ape NFT, for example, got $2.7 million and failed to keep his promise to create a fighting game with monkey avatars. We also wrote recently about Cent: the marketplace had to stop its transactions, as many fraudulent, counterfeit NFTs were getting onto it. OpenSea is also suffering from the issue, and in the free mint tool they provide, there was an 80% rate of plagiarised and scam-related NFTs.

But one question could be asked here at the end: how can an image be owned if it comes from the internet? Because when you take your photo, you really can’t have a copy of it on the internet if you haven’t shared it with others…

Source: PCGamer