Security team creates dashboard to detect potential NFT hacks in OpenSea

A wallet security team released a real-time dashboard that lets community members detect, track and monitor potential nonfungible token (NFT) hacks using offline signatures in the OpenSea marketplace. 

According to the team behind crypto wallet ZenGo, they created an NFT hack detector using a simple method. This includes tracking realized NFT trades in the NFT marketplace and comparing the trade amount of the NFT collection’s floor price. If the ratio between the two trade values is suspiciously low, it will get flagged as a potential hack.

ZenGo wallet dashboard for detecting NFT hacks. Source: Dune Analytics

At the time of writing, the dashboard flagged almost $25 million worth of NFTs hacked through offline signatures. Tal Be’ery, the chief technology officer of ZenGo, also told Cointelegraph that this type of hack differs from others in two ways. 

First, this type of hack does not have a general way of showing the meaning of the messages users must sign. This means that users must “blindly trust” the message and “blindly sign them.” In addition, Be’ery also explained that this type of hack involves platforms’ contracts and argued that platforms share some responsibilities in these cases.

Related: Here’s how to prevent NFT theft, according to industry professionals

When asked about potential solutions for this problem within the community, the wallet executive claimed there’s currently no good solution. He explained that:

“Users can use some proprietary browser extensions that give some visibility into some offline signatures, but does not cover all offline signatures and needs to be updated whenever a new form of offline signature is added.”

According to the ZenGo team, they’ve also started working with the Ethereum Foundation, various decentralized applications, and other wallets to support a draft Ethereum Improvement Proposal (EIP) that fixes the issue if implemented. Be’ery said:

“The EIP allows a contract to describe the exact meaning of the offline signature, such that the wallet app can display it to the user and then the user can make an informed decision on whether or not they want to sign the offline signature and don’t need to blindly sign.”

Similarly, the other entities within the community have also been issuing warnings over gasless transactions on OpenSea. On Dec. 23, anti-theft project Harpie warned the community about a private auction scam that threatens users of the NFT marketplace. The scam also involves blindly approving signatures.

All Dutch and English crypto news!

Chainalysis breaks down how scammers adapt during the bear market

While scammers can also feel the chill of the crypto winter as scam revenue drops by 46%, some continue to adapt and thrive despite the...

Paris Blockchain Week 2023: Second day of the summit kicks off

Paris Blockchain Week (PBW) kicked off its fourth year as one of the world's largest conferences tackling all things blockchain, crypto and Web3. The event...

Aussie crypto exchange hints interest in Hong Kong base, but it’ll depend

Australia-based crypto exchange Independent Reserve is looking at opportunities to set up shop in Hong Kong, as the city continues efforts to become a cryptocurrency...

Coinbase CEO on its Wells Notice: SEC is like soccer referees in a game of pickleball

Brian Armstrong, the CEO and co-founder of crypto exchange Coinbase has compared the Securities and Exchange Commission (SEC) to "soccer refs" in a game of...

Beste exchanges

Koop je crypto bij Bitvavo