News

A bug allowed NFTs to be bought ten times below their price

NFTs are booming, but now the attacks around this new technology are also expanding.

Buying or selling NFTs is not a common activity, and few people have ever entered a platform to buy these non-fungible tokens, which are so much talked about. But if ever the idea took you to acquire one of these digital graphic works, you will surely find yourself on OpenSea, a sales platform that is today the best known and most reputable.

But being the best in your field is not a guarantee of safety. This is indeed what the platform has just discovered, which woke up with a very serious shortfall. Indeed, a few NFTs have been sold in the past few hours, but for prices well below the current market.

A single NFT made over $180,000

An astonishing sale that would have been allowed by a problem within the platform, a flaw that a few clever people were able to exploit at will. Indeed it would have been possible to buy certain NFTs at the prices formerly displayed by the seller. Rates well below current market standards. According to initial estimates, the loss could be several million euros for the various sellers.

For example, an NFT, named Bored Ape #9991, which is part of a collection of 10,000 similar images, was purchased thanks to this bug for only $1,747 (0.77 ether). A price a hundred times below the standards, this kind of NFT being traded on the market for 100,000 dollars, at a minimum.

Almost 20 minutes after the purchase was made, the NFT was resold for 84.2 ether, a much more logical price for this kind of good. The capital gain is therefore nearly 83.5 ethers, or around 180,000 euros. A very nice operation in 20 minutes for the smart guy who found this flaw.

Very rare attacks

But according to computer researcher Tom Robinson, there was not just one sale. Indeed, a single wallet would have bought 7 NFTs against nearly $100,000 thanks to this flaw. Moments later, they were sold for a million dollars. A flaw that has worried all NFT owners, but which remains very rare according to Robinson: “Usually you see people getting hacked with phishing, but not market attacks.”

While the attackers have managed to line their pockets in minutes, the pill is not getting through to the other side. The sellers are indeed mad with rage. TBALLER.eth, owner of the famous “Ape” reacted on Twitter, he who does not understand how this sale could have taken place without his authorization.

For the moment, OpenSea has not reacted to this “attack”. However, the company will have to explain how such sales could have taken place, without the owners ever being informed. Founded in 2017, the firm had recently been valued at more than $13 billion in the nascent NFT market.

While these non-fungible tokens are increasingly present on the market, attacks like the one that has just suffered OpenSea could put a big brake on the development of the platform.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *