OpenSea serves as an example of why crypto security must improve
In February 2022, OpenSea fell prey to a major phishing attack that resulted in over $1.7 million in nonfungible tokens (NFTs) being stolen from users. It wasn’t the only incident: Blockchain users reportedly lost $3.9 billion to fraudulent activity in 2022 alone.
As we entered 2023, there was a chorus of promises to increase security within the crypto space. But, so far, things haven’t significantly changed. Companies that utilize blockchain still aren’t doing enough to prevent scams.
If blockchain technology is going to see mass adoption, companies will have to change their approach from the bottom up. By focusing on education and implementing better processes to identify malicious activity, these platforms can better serve their customers as the space continues to grow.
In the case of the OpenSea hack, victims were asked to sign an incomplete contract, seemingly at the platform’s request. While OpenSea’s core infrastructure was not hacked, the fake accounts were able to take advantage of the open-source Wyvern Protocol. Hackers were then able to use the owner’s signature to be transferred to a false contract that gave them ownership without having to pay for the NFTs.
Related: 10 predictions for crypto in 2023
OpenSea recently reversed some of its previous policies after it was reported that 80% of NFTs minted for free on the platform were plagiarized or spam. OpenSea also relies on trust in the developers that use its API, which is not a foolproof way to assess risk. These developers could use the API for malicious purposes to take advantage of users signing contracts they don’t read.
Smart contracts are an integral part of the blockchain engine and can be found everywhere, from NFT exchanges to veritable decentralized
Read more on cointelegraph.com
