The United States is Monitoring Vulnerabilities in Bitcoin

 

The United States has shown a keen interest in the cybersecurity aspects of Bitcoin, particularly honing in on a vulnerability associated with the Ordinals Protocol in 2022. The National Vulnerability Database (NVD), overseen by the National Institute of Standards and Technology (NIST), a branch of the U.S. Department of Commerce, has brought attention to this issue for public awareness. This underscores the growing focus of government agencies on the security dimensions of cryptocurrencies.

The vulnerability at the core of this development is specific to certain versions of Bitcoin Core and Bitcoin Knots. It enables the bypassing of the datacarrier limit by disguising data as code. In practical terms, this vulnerability could result in the Bitcoin network being inundated with non-transactional data, potentially causing congestion in the blockchain and affecting performance and transaction fees. This concern is not merely theoretical, as evidenced by the exploitation of the Ordinals inscriptions in 2022 and 2023.
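An added illustration of the "data disguised as code" pattern described above; it is not code from Bitcoin Core, Bitcoin Knots or the original article. It assumes the envelope shape used by Ordinals inscriptions (data pushes inside a never-executed `OP_0 OP_IF ... OP_ENDIF` branch) and uses Bitcoin Core's default `-datacarriersize` of 83 bytes as the comparison limit; the sample scripts and helper names are constructed for the example.

```python
"""Measure data hidden in a dead OP_0 OP_IF branch of a Bitcoin script."""

OP_0, OP_PUSHDATA1, OP_PUSHDATA2, OP_PUSHDATA4 = 0x00, 0x4C, 0x4D, 0x4E
OP_IF, OP_NOTIF, OP_ENDIF, OP_CHECKSIG = 0x63, 0x64, 0x68, 0xAC

# Assumption: default -datacarriersize in Bitcoin Core (applies to OP_RETURN outputs).
DATACARRIER_LIMIT = 83


def push(data: bytes) -> bytes:
    """Encode a data push with the shortest push opcode (helper for the samples)."""
    n = len(data)
    if n == 0:
        return bytes([OP_0])
    if n <= 0x4B:
        return bytes([n]) + data
    if n <= 0xFF:
        return bytes([OP_PUSHDATA1, n]) + data
    if n <= 0xFFFF:
        return bytes([OP_PUSHDATA2]) + n.to_bytes(2, "little") + data
    return bytes([OP_PUSHDATA4]) + n.to_bytes(4, "little") + data


def parse_script(script: bytes):
    """Yield (opcode, data) pairs; data is None for opcodes that push nothing."""
    i = 0
    while i < len(script):
        op = script[i]
        i += 1
        if op > OP_PUSHDATA4:
            yield op, None
            continue
        if op < OP_PUSHDATA1:
            size = op  # direct push of 0..75 bytes
        else:
            width = {OP_PUSHDATA1: 1, OP_PUSHDATA2: 2, OP_PUSHDATA4: 4}[op]
            if i + width > len(script):
                raise ValueError("truncated push length")
            size = int.from_bytes(script[i:i + width], "little")
            i += width
        if i + size > len(script):
            raise ValueError("truncated push data")
        yield op, script[i:i + size]
        i += size


def dead_branch_bytes(script: bytes) -> int:
    """Total bytes pushed inside OP_0 OP_IF ... OP_ENDIF envelopes.

    OP_0 makes the OP_IF condition false, so the branch never executes and
    anything pushed inside it is carried data rather than spending logic.
    Simplification: OP_ELSE branches are not modelled.
    """
    total, depth, prev = 0, 0, None
    for op, data in parse_script(script):
        if depth == 0:
            if op == OP_IF and prev == OP_0:
                depth = 1  # entered a dead branch
        elif op in (OP_IF, OP_NOTIF):
            depth += 1
        elif op == OP_ENDIF:
            depth -= 1
        elif data is not None:
            total += len(data)
        prev = op
    return total


def exceeds_datacarrier(script: bytes, limit: int = DATACARRIER_LIMIT) -> bool:
    """True when the embedded data is larger than the data-carrier limit."""
    return dead_branch_bytes(script) > limit


# Constructed samples: an ordinary key-check script, and the same script
# followed by an inscription-shaped envelope carrying a 200-byte payload.
PUBKEY = bytes(32)
SAMPLE_PLAIN = push(PUBKEY) + bytes([OP_CHECKSIG])
SAMPLE_ENVELOPE = (
    SAMPLE_PLAIN
    + bytes([OP_0, OP_IF])
    + push(b"ord") + push(b"\x01") + push(b"text/plain")
    + bytes([OP_0]) + push(b"A" * 200)
    + bytes([OP_ENDIF])
)

if __name__ == "__main__":
    for name, s in (("plain", SAMPLE_PLAIN), ("envelope", SAMPLE_ENVELOPE)):
        print(name, dead_branch_bytes(s), exceeds_datacarrier(s))
```
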

Ordinals gained prominence in late 2022. They involve embedding additional data onto a satoshi, the smallest Bitcoin unit, similar to the concept of nonfungible tokens (NFTs) on the Ethereum network. However, the increased usage of Ordinals transactions has led to heightened network congestion, resulting in elevated transaction fees and slower processing times. For blockchain enthusiasts, these issues are not just technical glitches but critical challenges that could influence the future trajectory of Bitcoin.

Luke Dashjr, a Bitcoin Core developer, has been outspoken about this vulnerability, likening it to receiving a flood of junk mail that obstructs essential communications. This metaphor aptly encapsulates the essence of the vulnerability, disrupting the otherwise streamlined process of Bitcoin transactions.

In response to these concerns, a patch has been developed in Bitcoin Knots v25.1. However, Dashjr notes that Bitcoin Core remains vulnerable in its upcoming v26 release. He expresses hope that the issue will be addressed in the v27 release next year. The implications of this vulnerability and its subsequent patching are substantial. Rectifying the bug could limit Ordinals inscriptions, although existing inscriptions would persist due to the immutable nature of the network.

This situation underscores a broader theme in the cryptocurrency world: the constant evolution and the need for vigilance in maintaining network security. The involvement of U.S. federal agencies in tracking and cataloging these vulnerabilities may signify a step toward more robust and secure blockchain technologies. While the identification of Bitcoin's vulnerability by the NVD serves as a cautionary tale, it also presents an opportunity for growth and improvement in the cryptocurrency ecosystem.

School Kids are Stealing NFTs Worth Millions of Dollars to Purchase Roblox Skins

 

Being wary of journalists can be a good thing at times. Take the case of Orbiter Finance. A purported journalist from a crypto news website contacted one of its Discord moderators last month and asked them to fill out a form. The moderator had no idea that this simple action would give someone else control of their Discord server.

Once inside, the offender froze other admins' access to the server and restricted community members' ability to post messages. Everyone who clicked on the phoney airdrop announcement was taken to a phishing website intended to steal their NFTs. The plan was successful. The attackers quickly took NFTs and tokens worth $1,000,000 while the team could only look on.

"We were so concerned," Gwen, a business development manager at Orbiter Finance, said in an interview. "If we cause any damage to [our community members], we will just lose their trust."

The Orbiter attack is only one of many recent examples involving NFT drainers and compromised Discord servers or Twitter accounts. Data obtained by NFT researcher and security specialist OKHotshot shows that at least 900 Discord servers have been infiltrated for phishing attempts since December 2021, with a noticeable uptick in the previous three months.

According to statistics obtained by PeckShield and several dashboards on Dune Analytics by Scam Sniffer and others, such assaults have hit at least 32,000 victim wallets over the last nine months. Attackers have stolen NFTs and tokens worth a total of $73 million.

Culprits behind the attacks 

These attacks frequently rely on a growing black market for drainer code. The people behind the phishing attacks first go to Telegram and Discord, where they can find channels run by the creators of various drainers.

They contact the developer and acquire the drainer, which is a set of code that can be installed into websites, while often agreeing to give the developer 20-30% of the proceeds. Then, using their own tactics, such as the fake news site mentioned above, they hijack a Discord server or Twitter account and advertise a fake website containing the NFT drainer code in order to steal NFTs and whatever else they can get their hands on.

That is, when they are not preoccupied with homework. 

"95% of them are kids below the age of 18 who are still in high school," said Plum, a pseudonymous security researcher who works on the trust and safety team at NFT marketplace OpenSea, adding that the frequency of attacks tends to spike around the summer holidays.

“I personally have talked to quite a few of them and know they’re still in school,” stated Plum. “I’ve seen pictures and videos of various of them from their schools. They talk about their teachers, how they’re failing their classes or how they need to do homework.” 

These kids appear to make little effort to conceal their newfound wealth. “They'll buy a laptop, some phones, shoes and spend vast amounts of money on Roblox. They all play Roblox for the most part. So they'll buy the coolest gear for their Roblox avatar, video games, skins and things like that,” Plum added. 

Plum went on to say that they frequently buy gift cards with cryptocurrency on the gift card marketplace Bitrefill, spend thousands of dollars on Uber Eats, buy luxury clothes, pay individuals to do their homework for them, and even buy automobiles they can't drive yet. They also enjoy gambling. 

The exploiters try to hide their tracks by paying people in lower-income countries to use their personal information to register on exchanges, obscuring the trail when they cash out, according to Plum. They claim that if law enforcement had been interested in arresting them, at least some of them should have been apprehended by now because they leave adequate evidence of their actions.

Plum mused on why offenders believe they can get away with such crimes, saying that "they feel invincible, they have God mode — that no-one can touch them." 

While countries such as North Korea are also involved in phishing operations against NFTs, Plum claims that they normally employ their own drainers and are less connected with drainers for sale. The NFT drainers' creators, who in some cases carry out assaults using their own technology, are a little more elusive, but their pseudonymous profiles leave a unique trail. 

The growing problem of NFT drainers

Monkey, one of the first NFT drainers, launched their Telegram channel in August. But it wasn't until October that it really got going. According to PeckShield, their technology was utilised to steal 2,200 NFTs worth $9.3 million and an additional $7 million in tokens over the next few months. 

Monkey chose to retire on February 28th. Its creator stated in a parting message that "all young cyber criminals should not lose themselves in the pursuit of easy money." They advised its customers to use Venom, a competitor drainer. 

Venom was a worthy opponent. It was another of the first drainers, and it was used to steal over 2,000 NFTs from over 15,000 victims over time. Customers of the drainer employed 530 phishing sites to perform attacks on crypto projects such as Arbitrum, Circle, and Blur, netting a total of $29 million in NFTs, ether, and different currencies.

While Venom was one of the first NFT drainers to go multichain, security experts say they failed miserably. However, their drainer was the first to be used to steal NFTs from the NFT marketplace Blur. 

Inferno, which was used to steal $9.5 million from 11,000 victims, and Pussy, which was used to steal $14 million from 3,000 victims, were two other rivals. Customers of Angel, which began on a Russian hacking forum, used it to steal $1 million from over 500 victims in the form of NFTs and various tokens, most notably compromising the Twitter account of crypto wallet Zerion. 

However, the way the drainers operate stays the same, with a few tweaks here and there. Plum believes that the solution rests in safety-oriented wallet extensions, which are successful in protecting wallets. It is also prudent to use multiple wallets and to keep assets in cold wallets.

Five Suspects Charged for $2.5 million Worth NFTs Theft, Targeting Bored Ape NFT Owners

 

On Wednesday, October 12, five crypto scammers in France faced allegations of collaborating in a phishing scam and were consequently charged. Allegedly, the suspects have audaciously acquired and resold $2.5 million worth of blue chip non-fungible tokens (NFTs). The phishing scam prominently targeted Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) owners. 
 
As per the prosecution, the alleged suspects leveraged a phishing scam in order to steal the assets, enticing victims through a fake website, while promising to animate their NFTs, reports Agence France Presse (AFP) in a post by Barrons. 
 
The charged suspects, aged between 18 and 24, are residents of Paris, Caen, and Tours. Two of the five scammers are charged with building the fraudulent phishing site that enabled the theft. The remaining three are accused of handling the advertising and money laundering aspects of the phishing operation, says the deputy chief of France’s cyber-crime authority, Christopher Durand.
 
The prosecution charges included “fraud committed as a part of criminal gang, concealing fraud and criminal association.” The subjects have been placed in pre-trial detention by the French authorities, along with their parents. The parents of one of the accused have also been arrested, but later they were released without charge. 
 
The deputy chief says that the probe was initially started as a result of an investigation by well-known Twitter user “ZachXBT”. ZachXBT, describing himself as an “on-chain sleuth”, mentioned in a blog post how the Twitter user “Dilly Dilly” had clicked on a link shared by “a verified member of the BAYC Discord” and consequently had his BAYC NFT stolen after approving a transaction on a website that “he was led to believe would produce an animated version” of his NFT.
 
ZachXBT claims that after selling the stolen tokens on the NFT marketplace Opensea, the accused tried to hide the tracks by using the now-sanctioned Tornado Cash protocol. 
 
A report by blockchain analytics firm Elliptic suggests that over $100 million worth of NFTs were stolen between July 2021 and July 2022. Along with these recent incidents, NFT fraud seems to be rapidly booming in general and thus has sparked security concerns.
 
This news comes at a time when the firm behind the Bored Ape collection, Yuga Labs, is under investigation for its business practices. Although the organization has not yet been charged with any misconduct, the Securities and Exchange Commission (SEC) is now investigating the start-up, to check if the anonymous sources reported by Bloomberg are true.

Users' Crypto Wallets are Stolen by Fake Binance NFT Mystery Box Bots

 

Researchers have discovered a new campaign distributing RedLine Stealer, a low-cost password stealer sold on underground forums, through fake Binance NFT mystery box bots hosted in GitHub repositories and promoted by an array of YouTube videos that take advantage of global interest in NFTs.

The enticement is the promise of a bot that will automatically purchase Binance NFT Mystery Boxes as they become available. Binance mystery boxes are collections of non-fungible token (NFT) items for users to purchase in the hopes of receiving a one-of-a-kind or uncommon item at a discounted price. Some of the NFTs obtained in such boxes can be used in online blockchain games to add unusual cosmetics or identities. However, the bot is a hoax. According to Gustavo Palazolo, a malware analyst at Netskope Threat Labs, the video descriptions on the YouTube pages lure victims into downloading RedLine Stealer from a GitHub link.

In the NFT market, mystery boxes are popular because they provide individuals with the thrill of the unknown as well as the possibility of a large payout if they win a rare NFT. However, marketplaces such as Binance sell them in limited quantities, making some crates difficult to obtain before they sell out. This is why prospective buyers frequently use "bots" to obtain them, and it is exactly this big trend that threat actors are attempting to exploit.

"We found in this attempt that the attacker is also exploiting GitHub in the threat flow, to host the payloads," Palazolo said. "RedLine Stealer was already known for manipulating YouTube videos to proliferate through false themes." The advertising was spotted by Netskope in April. "While RedLine Stealer is a low-cost malware, it has several capabilities that might do considerable harm to its victims, including the loss of sensitive data," Palazolo said.

The ads were uploaded during March and April 2022, and each one includes a link to a GitHub repository that purports to host the bot but instead distributes RedLine. "BinanceNFT.bot v1.3.zip" is the name of the dropped file, which contains a program of a similar name (the payload), a Visual C++ installer, and a README.txt file. Because RedLine is written in .NET, it needs the VC redistributable setup file to run, whereas the README file contains the victim's installation instructions.

If the infected machine is found in any of the following countries, the malware does not run, according to Palazolo: Armenia, Azerbaijan, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Russia, Tajikistan, Ukraine, and Uzbekistan.

The repository's GitHub account, "NFTSupp," began work in March 2022, according to Palazolo. The same source also contains 15 zipped files including five different RedLine Stealer loaders. "While each of the five loaders we looked at is slightly different, they all unzip and inject RedLine Stealer in the same fashion, as we discussed earlier in this report. The oldest sample we identified was most likely created on March 11, 2022, and the newest sample was most likely compiled on April 7, 2022," he said. These promotions, on the other hand, use rebrand.ly URLs that lead to MediaFire downloads. This operation is also spreading password-stealing trojans, according to VirusTotal. 

RedLine is now available for $100 per month on a subscription basis to independent operators, and it allows for the theft of login passwords and cookies from browsers, content from chat apps, VPN keys, and cryptocurrency wallets. Keep in mind that the legitimacy of platforms like YouTube and GitHub does not inherently imply that their content is reliable, as these sites' upload checks and moderation systems are inadequate.

Ferrari Subdomain was Seized to Promote a Bogus Ferrari NFT Collection

 

Cyberattackers hacked one of Ferrari's subdomains to promote a fake NFT collection that pretended to be the much-anticipated official one and duped its consumers.

Non-fungible tokens, or NFTs, are a new sort of digital asset that has been gaining popularity as big tech constructs the Metaverse. NFT is data recorded on a cryptocurrency blockchain that has been signed by a digital certificate to verify it is unique and cannot be copied. Having an NFT is similar to having a real asset, except the real deal is digital. The NFT trend is quickly spreading and is closely tied to cryptocurrency. It's also expanding rapidly. To mention a few, One Plus, Budweiser, Nike, Visa, Adidas, and Louis Vuitton have all entered the NFT realm. NFTs usually sell for a few dollars, however, in rare situations, the price of NFTs can surge. 

Sam Curry, an ethical hacker and bug bounty hunter, reported on Thursday seeing one of Ferrari's subdomains, forms, hosting a fake NFT (non-fungible token) scam on ferrari.com.

Owning a brand new Ferrari is reserved for the wealthy, with prices ranging from $250,000 to $1.8 million. Last year Ferrari announced it might soon sell digital Ferrari NFTs to appease its fan base, which made this scam all the more convincing.

Ferrari and Velas Network AG have established a new relationship. Velas stated that they would break into Formula 1 in 2022 alongside Ferrari. Internationally, the company is noted for its transparency and leadership in blockchain, digital products, and services. 

"Mint your Ferrari," a crypto scam, encouraged users to buy NFT tokens by falsely claiming Ferrari had launched "a collection of 4,458 horsepower [sic] NFTs on the Ethereum network." 

Further analysis by Curry and a security engineer known as d0nut found how attackers hacked the subdomain and used an Adobe Experience Manager weakness to host their bitcoin fraud.

"After more investigation, it appears that this was an Adobe Experience Manager exploit. By poking around, you can still uncover remains of the unpatched site," Curry wrote.

Many people have criticized blockchains used for crypto trading and NFT services because of their large energy consumption and environmental impact. Ferrari picked Velas for more than just the speed. The company operates in a carbon-neutral manner. Ferrari, while announcing the big news, claimed that "they have transformed the world of blockchain by inventing a pioneering, energy-efficient platform that functions at unprecedented speed."

Hackers Steal NFTs Worth $3M in Bored Ape Yacht Club Heist

 

Hackers stole non-fungible tokens (NFTs) estimated to be worth $3 million after getting into the Bored Ape Yacht Club's Instagram account and uploading a link to a replica website that tried to capture victims' assets.

The fake post offered a free airdrop, essentially a promotional token giveaway, to customers who clicked the link and connected their MetaMask crypto-asset wallets to the scammer's wallet. Rather than receiving free items, victims had their digital wallets drained.

In a warning that came too late for some of its members, Bored Ape Yacht Club tweeted Monday morning, "It looks like BAYC Instagram was hacked. Do not mint anything, click links, or link your wallet to anything."

The Bored Ape Yacht Club, or BAYC, is a collection of photographs depicting bored primates in various attitudes and costumes, which can be used as internet profile avatars and sell for hundreds of dollars in crypto coins. 

Miscreants stole four Bored Apes, six Mutant Apes, and three Bored Ape Kennel Club NFTs, as well as "assorted additional NFTs estimated at a total value of $3 million," according to Yuga Labs, the company that launched Bored Ape Yacht Club. 

"We are actively working to establish contact with affected users," a Yuga Labs spokesperson said, adding that its hijacked Instagram account did have two-factor authentication enabled, "and the security practices surrounding the IG account were tight." 

"Yuga Labs and Instagram are currently investigating how the hacker was able to gain access to the account," the spokesperson stated. 

This is the second time in less than a month that the NFT collection has been hacked. Bored Ape Yacht Club said on March 31 that their Discord server had been compromised. According to security firm PeckShield, a cybercriminal stole one NFT: Mutant Ape Yacht Club #8662 in a previous incident. 

In March, following the launch of the ApeCoin cryptocurrency by the Bored Ape Yacht Club, fraudsters stole around $1.5 million by claiming a huge amount of tokens using NFTs they did not own and obtaining bogus flash loans. Flash loans are given and repaid in a single blockchain transaction, which might take as little as seconds to get and return the funds. These and other recent hacks have raised security concerns about NFT and cryptocurrency technologies.

Hackers in DPRK Use Trojanized DeFi Wallet App to Steal Bitcoin

 

North Korean government-linked hackers have now been circulating a trojanized version of a DeFi Wallet for holding bitcoin assets to obtain access to cryptocurrency users' and investors' systems.

Securing economic benefits is one of the primary motives for the Lazarus threat actor, with a focus on the cryptocurrency industry. The Lazarus group's targeting of the financial industry is increasing as the price of cryptocurrencies rises and the appeal of the non-fungible asset (NFT) and decentralized finance (DeFi) enterprises grows.

In this attack, the threat actor used web servers in South Korea to distribute malware and communicate with the implants that had been placed. Kaspersky Lab researchers recently identified a malicious version of the DeFi Wallet software that installed both the legitimate app and a backdoor disguised as a Google Chrome web browser executable. When the trojanized DeFi application was launched on the machine, it introduced a full-featured backdoor with a compilation date of November 2021. It's unknown how the hackers spread the word, but phishing emails or contacting victims through social media are both possibilities.

Although it's not clear how the threat actor persuaded the victim to run the Trojanized program (0b9f4612cdfe763b3d8c8a956157474a), it is believed they used a spear-phishing email or social media to contact the victim. The Trojanized application initiates the previously unknown infection technique. This installation package masquerades as DeFi Wallet software, but it actually contains a legitimate binary that has been packed with the installer.

The virus installed in this manner, as per the researchers, has "sufficient capabilities to manage" the target host by issuing Windows commands, uninstalling, starting or killing processes, enumerating files and related information, or connecting the computer to a particular IP address. 

Using additional functionality, the malware operator can also collect system information (IP, name, OS, CPU architecture) and drive details (type, free space available), download files from the command-and-control (C2) server, and retrieve a list of files stored in a specified location. According to Japan CERT, the CookieTime malware cluster, known as LCPDot, has been linked to the DPRK operation Dream Job, which enticed victims with phony job offers from well-known firms.

Google's Threat Analysis Group (TAG) revealed recent activity related to Dream Job earlier this month, finding North Korean threat actors used an exploit for a zero-day remote code execution bug in Chrome to target people working for media, IT companies, cryptocurrency, and fintech companies. "The CookieTime cluster has linkages with the Manuscrypt and ThreatNeedle clusters, which are also attributed to the Lazarus organization," Kaspersky adds.

The links between the current trojanized DeFiWallet software and other malware attributed to North Korean hackers go beyond the virus code to the C2 scripts, which overlap many functions and variable names. It's worth mentioning that Lazarus is the umbrella name for all state-sponsored North Korean threat operations. Within the DPRK, however, several threat groups are operating under different institutions/departments of the country's intelligence establishment. 

Mandiant analysts prepared an evaluation of the DPRK's cyber program structure using data collected over 16 months from its digital activity tracking for the entire country, OSINT monitoring, defector reporting, and imaging analysis. According to their map, bitcoin heists are certainly within the scope of financially motivated units inside the 3rd Bureau (Foreign Intelligence) of the country's Reconnaissance General Bureau (RGB).

OpenSea Phishing Scam Swindled Millions in NFTs

 

On Saturday, a phishing attack targeted 17 users of OpenSea, one of the major NFT markets, according to the company. The hack apparently resulted in the theft of over 250 NFTs worth at least $1.7 million. 

A nonfungible token, or NFT, is a way of proving ownership of a digital asset. NFTs linked to digital art have become increasingly popular in recent months, owing to the involvement of high-profile personalities. The attacker, or attackers, stole NFTs from OpenSea users over a 3-hour window on Saturday by compromising the underlying code that allows NFTs to be bought and sold.

OpenSea tweeted late Sunday that the attack didn't appear to be active, with the most recent action 15 hours before. Nadav Hollander, the CTO of OpenSea, also provided a technical breakdown of the phishing attack. Phishing attacks are frequently carried out using emails that contain harmful links and fraudulently purport to be from a company. It's still unknown how OpenSea customers were lured into the phishing scam.

While the identity of the wallet's owner can be hidden in digital wallets used to keep NFTs, the transactions of digital assets on a blockchain are normally public. As a result, anyone with technical knowledge can track the NFTs from wallet to wallet. 

OpenSea CEO Devin Finzer in a post on Twitter on Saturday after the attack stated, "The attacker has $1.7 million of ETH in his wallet from selling some of the stolen NFTs." 

The hacker also appears to have returned some of the NFTs to the original owners. OpenSea tweeted on Sunday that the investigation into Saturday's phishing attack is still ongoing. OpenSea's CTO, Nadav Hollander, posted a Twitter thread summarising the company's current understanding of the attack, which the company believes did not originate from OpenSea. 

Hollander said, "All of the malicious orders contain valid signatures from the affected users, indicating that they did sign an order somewhere, at some point in time. However, none of these orders were broadcasted to OpenSea at the time of signing."

Elon Musk Backed Floki Turns Rs 1000 Into Rs 34 Lakh

 

Everyone knows that at the start of this year, Musk was one of the most vocal proponents of Dogecoin. His regular pronouncements and tweets propelled the cryptocurrency to new heights. Tesla CEO Elon Musk, on the other hand, stated in June that he will be getting a Shiba Inu dog (the face of Dogecoin) as a pet shortly, and that it will be named 'Floki.'

In September of this year, Musk shared a photo of Floki, which sparked another surge in the Dogecoin. This benefited all the linked or inspired coins, such as Baby Doge and Shiba Inu. Floki Inu, on the other hand, has been the largest gainer, with significant returns to its investors. Surprisingly, the coin didn't even exist until recently. 

The digital token has risen 3,40,150% in just two months, from $0.00000002 on August 8 to $0.00006805 on October 8. In rupee terms, this implies it turned a Rs 1,000 investment into Rs 34 lakh in less than two months. As of Sunday, Floki Inu had a market capitalization of $700 million (Rs 5,250 crore), which was higher than that of listed companies such as Sequent Scientific, Strides Pharma, Inox Leisure, Cochin Shipyard, Sudarshan Chemicals, MTAR Technologies, and others. 

Floki Inu is also the only crypto project officially affiliated with Elon Musk's brother Kimbal Musk's 'Million Gardens Movement,' which aims to empower people to choose, grow, prepare, and consume healthy food. In a contribution drive for this movement last week, Floki Inu raised $1.4 million in just 35 minutes. Floki Inu issued 10,000 Flokitars to the general public on September 18, 2021. 

Floki Inu is riding high on the play to earn revolution, which resonates with millions around the world, according to Sharat Chandra, Blockchain & Emerging Tech Evangelist. This explains the coin's unprecedented pricing. 

"It’s going to head north in the days and months to come. Team behind Floki is focussed on developing an ecosystem of use cases powered by NFTs, games, decentralized banking and creating new monetization models," Sharat said. 

According to Darshan Bathija, Co-Founder and CEO of Vauld, "the way this meme coin is being regarded has radically changed over the last six months as they have grown more mainstream." If a coin's price movements are influenced by a big external source, it poses a greater concern and investment risk, Darshan added.

Scammers Steal Victims Cryptowallets And NFTs, Posing as OpenSea Agents

 

A severe new Discord phishing attack aimed at stealing cryptocurrency funds and NFTs has hit OpenSea users. Cybercriminals have been lurking on OpenSea's Discord server for the past week, masquerading as authorized support representatives for the website. These bogus employees offer private support to an OpenSea user in need, resulting in the loss of the cryptocurrency and NFT collectibles held in the victim's MetaMask wallet.

OpenSea is the world's largest NFT marketplace, with a 542 percent rise in volume over the last month, accounting for over half of the company's entire lifetime transaction volume of $2.423 billion. 

OpenSea is a peer-to-peer marketplace for crypto collectibles and non-fungible tokens. It encompasses collectibles, gaming items, and other virtual products secured by a blockchain. A smart contract on OpenSea allows anybody to buy or sell these products. In this instance, the fraudsters took advantage of the way the site's support works.

Whenever an OpenSea user requires assistance, they can contact the site's help center or the site's Discord server. When the user joins the Discord server and posts a help request, fraudsters lurking on the server immediately start sending the user private messages. These messages include an invitation to an "OpenSea Support" server to receive further assistance.

Jeff Nicholas, an artist who was a victim of this fraud, told Bleeping Computer that after he joined the bogus OpenSea support server, the scammers urged him to turn on screen sharing so that they could offer assistance and guidance in resolving the issue.

“Lots of grooming, processing through the issue pulling you in. Then ask you to screen share so they can see what you are seeing,” Nicholas said.

“Say you require to resync your MM and at this point you're sort of stuck into fixing this thing whatever it is. Pull up QR code and it immediately says “synced” (because they scanned it). So then they have your seed phrase (without actually having it),” he explained.

It is possible to sync the mobile MetaMask wallet with the Chrome extension by going to 'Settings', clicking on 'Advanced', and thereafter tapping 'Sync with mobile'. On this screen, users would be required to enter the password and then a QR code would be generated. 

The mobile MetaMask app scans this QR code to synchronize and import the user's Chrome wallet immediately. However, anyone who sees this QR code, including the bogus support representatives, can take a screenshot and use that snapshot to synchronize the wallet into their own smartphone app.

Once the bogus support agents scan the QR code with their smartphone app, they gain complete access to the cryptocurrency and any NFT collectibles stored within the wallet. The victims' assets are then transferred to the threat actors' wallets.

To avoid having the wallets swiped by these types of frauds, one must never disclose their wallet's recovery keys, password phrases, or QR codes used for synchronizing. 

“Saddened to listen an OpenSea user was the victim of a significant phishing attack last night,” read a tweet by OpenSea’s Head of Product Nate Chastain. “The scammer masquerades as an OpenSea employee and has the user scan a QR code granting wallet access. Please be attentive and direct support requests through our Help Center/ZenDesk.”

Centre of Attraction for Scammers : NFTs

 

NFTs (non-fungible tokens) have been around for a few years now, but recent attention has sparked a surge throughout the market. NFTs are here to stay, according to proponents, as they're more stable. Enthusiasts may be correct about NFTs' long-term viability, but NFTs may also no longer be a significant part of the art market once the original frenzy subsides. The art market's key elements are authenticity and originality, and NFTs certainly deliver both.

A non-fungible token (NFT) is a data unit on a digital ledger known as a blockchain that can represent a single digital object and therefore is not interchangeable. NFTs can be used to depict digital files like art, audio, video, video game objects, and other types of creative work. Although the definition can appear fundamentally abstract, it comes down to being able to assert exclusive possession of a collectible.

"The higher the value of a cryptocurrency, the higher the volume of fraud targeting its users," says Abhilash Garimella, research scientist at fraud prevention firm Bolster.

NFTs can reflect digital possession of almost anything: for instance, Twitter CEO Jack Dorsey's first tweet, Grimes' original art, Marvel artists' exclusive superhero comic drawings, and every other form of artistic work, including videos and audio. Marvel comics entered the blockchain world when an Ethereum-based Spiderman NFT was sold for $25,000. To date, NFT "cryptocurrency collectibles" have sold for more than $100 million.

Bitcoin and other cryptocurrencies have been questioned, despite proponents believing they are the future of economic systems and opponents dismissing them as nothing but a digital Ponzi scheme. Bitcoin mining is said to use as much energy as used by entire countries. People have become much more hesitant to buy and sell off their assets on the blockchain as they have become more aware of its vast energy requirements. Despite the fact that the blockchain is also said to be safe, there've been numerous cryptocurrency hacks. Both of these factors can deter young people from joining the craze, making it more difficult for NFTs to achieve long-term success. 

Hackers are indeed searching for ways to get as many Bitcoin, Monero, Ethereum, and other valuable digital coins as feasible, as shown by their fondness for ransomware, crypto mining, and hacking through cryptocurrency exchanges and extracting all of their assets in recent times. 

In 2020, two Florida teens and a British man duped a number of people into thinking that the 130 high-profile Twitter accounts they'd taken over might potentially double people's bitcoin assets once they'd been collected by Elon Musk and Bill Gates. Many people have fallen for the scam, which involves Musk allegedly offering "free" NFTs after victims "verified" themselves by giving a small number of bitcoins "temporarily". This was one of the NFT scams.