Check Point Software said Wednesday that it recently found vulnerabilities in a platform used by OpenSea, the largest marketplace for digital collectibles known as NFTs, or non-fungible tokens.
why it mattersPatched vulnerabilities, if exploited, could allow hackers to take control of accounts and even entire crypto wallets by sending malicious NFTs.
description: Check Point said it began investigating the matter after seeing reports of people’s accounts being hijacked after receiving unwanted NFTs via Apple’s AirDrop.
- It reported the flaw to OpenC on September 26, and the company fixed it within an hour to prevent the exploit.
what are they saying:
- open sea Thanked Check Point for bringing this issue to their notice and said that no such case has been identified so far where the defect was exploited. It also said that it is trying to better coordinate with the third-party wallets it integrates with its platform to educate users as well.
- Oded Vanunu of Check Point Software Be warned that bad actors are seizing the opportunity presented in the form of consumer adoption of NFTs, even though the security surrounding the token is still growing. “Given the rapid pace of innovation, there is an inherent challenge in securely integrating software applications and crypto markets,” Vanunu said.
be smart: Check Point recommends that people be extra careful of unwanted requests to log into their crypto wallets.
Our thought bubble: While this flaw appears to have been caught before significant damage, it highlights the uncertain nature of digital collectibles and currencies.
go in: Check Point posted a video with more details on the flaw Here.