Researchers find security flaw in Rarible: Users could have lost all their NFTs

cointelegraph.com:

The research arm of cyber security software firm Check Point said it identified a vulnerability in the Rarible NFT marketplace that could have seen many of its roughly two million active monthly users lose their NFTs in a single transaction.

Check Point is a multinational IT security firm that was founded in Ramat Gan, Israel in 1993 and also claimed to have spotted issues relating to malicious airdrops on OpenSea back in October 2021.

According to documents shared with Cointelegraph, Check Point Research (CPR) recently discovered that malicious actors could send users a dubious link to an NFT that executes JavaScript code after clicking that “attempts to send a setApprovalForAll request to the victim.”

If the link is clicked, the user grants full access to their wallets on Rarible. CPR stated that it immediately notified Rarible on April 5, with the platform promptly acknowledging and fixing the security flaw:

Speaking with Cointelegraph, Oded Vanunu, Head of Products Vulnerabilities Research at Check Point Software said his team became interested in this type of scam after Taiwanese singer Jay Chou fell victim to a similar attack. Chou’s BoredApe #3738 NFT was swiped via a nefarious transaction at the start of this month.

“Once we saw that this NFT was stolen, it gave us the incentive to investigate further.” Such a vulnerability could also be possible on many other platforms, Vanunu said.

“Rarible acknowledged the security flaw quickly and fixed it by removing the SVG file upload option. This terminated the malicious NFT attack option,” Vanunu confirmed.

Related: Trezor investigates potential data breach as users cite phishing attacks

Vanunu refused to estimate the potential value lost that the security flaw could have