This story is developing…
OpenSea threw an alert up on its site on Saturday evening after dozens of users on twitter began clamoring about unusual activity that looked to be the result of a hack. Around 8:15 ET, one user claimed that 273 eth had been drained from his wallet in addition to countless NFTs.
We are actively investigating rumors of an exploit associated with OpenSea related smart contracts. This appears to be a phishing attack originating outside of OpenSea's website. Do not click links outside of https://t.co/3qvMZjxmDB.
— OpenSea (@opensea) February 20, 2022
Several users have pointed out that a malicious party could have copied and pasted a standard email that OpenSea had recently sent out to its users to inform them of a system update. A replica fake phishing email may have tricked users into signing away their wallet’s access.
Eth wallet: 0x3e0defb880cd8e163bad68abe66437f99a7a8a74 has already been fingered on Etherscan as the destination for the stolen funds. Presently the address has 641 ether in and dozens of NFTs including 3 Bored Apes.