This past Saturday, hackers socially engineered approximately 32 OpenSea users into signing incomplete contracts and stole 254 NFTs. Although it was a phishing attack, it caused a bit of a panic. A spreadsheet compiled by the blockchain security service PeckShield shows the stolen tokens, which include NFTs from Decentraland and Bored Ape Yacht Club. @Nesotual explains the hacker’s methodology in this tweet thread.
Could this happen to you? Yes. It could happen to anyone. Phishing and ice phishing attacks are rampant. To protect yourself (and your digital assets), consider revoking your token approvals from various dApps; learn how to do this with your Ethereum-based assets here.
Author’s note: This is not a sponsored post. I am the author of this article and it expresses my own opinions. I am not, nor is my company, receiving compensation for it.