After the largest Ethereum marketplace faced a major phishing attack, the OpenSea CEO has finally made a statement. It seems Devin Finzer, OpenSea’s CEO, is confident that users’ NFT losses did not originate on OpenSea but from a third-party website.
What exactly did the OpenSea CEO say in his statement?
In a series of tweets, Finzer explained his side of the story. He said, “As far as we can tell, this is a phishing attack. We don’t believe it’s connected to the OpenSea website. It appears 32 users thus far have signed a malicious payload from an attacker, and some of their NFTs were stolen.”
Unfortunately, some NFT owners were deceived into transferring their NFTs into another wallet. Consequently, Etherscan shows a balance of 641 ETH in the trickster’s wallet.
However, Finzer refused to accept claims that this hack led to a loss of $200M. The OpenSea CEO further wrote that those who want to protect themselves from this attack can “un-approve” access to their NFTs. Additionally, he reminded users that they should double-check that they are on OpenSea when signing messages through their wallets.
OpenSea’s roller-coaster ride in the last few months
Recently, OpenSea requested customers to migrate their NFTs to a new smart contract. This step came as a solution to the user interface bug. To explain, this bug allowed NFTs to be listed at a fraction of their current prices, causing several users to lose their expensive NFTs for pennies.
Lastly, OpenSea CEO tried to assure the users that the following points were not vectors for the attack :
- Using the new migration tool
- minting, buying, selling, or listing NFTs using opensea.io
- interaction with an OpenSea email
- clicking on the site banner
The team is still working with victims of phishing attacks.