In a significant incident, NFTs worth $240,000 were recently pilfered in a sophisticated phishing scheme targeting the Blur marketplace. The perpetrator leveraged a loophole within Blur’s system to orchestrate clandestine transactions, contrary to platform regulations.
This exploit has raised alarms within the cryptocurrency community, with a skilled fraudster executing a phishing attack on Blur, absconding with NFTs valued at approximately $239,676. The victim, known as 0xQuit on X (formerly Twitter), promptly reported the theft. The pilfered items included six Bored Ape Yacht Club NFTs, 40 Beanz, and three Elementals, all deceptively sold for a token sum of one wei each—a mere fraction of a cent.
The scammer capitalized on Blur’s listing system loophole to facilitate off-the-books transactions, sidestepping the platform’s stringent policies against such activities. By manipulating royalty settings, the attacker evaded mandatory public visibility requirements, thereby conducting transactions in secrecy.
Typically, when NFTs are listed at near-zero values, automated bots intervene by outbidding to prevent such occurrences, rendering the scammer’s attempts futile under normal circumstances. However, in this instance, the scammers deceived users into listing NFTs at inflated prices, diverting all proceeds to their designated address, according to 0xQuit. Furthermore, the scammer implemented a rule to nullify any transaction not initiated by them, ensuring the transactions remained concealed and proceeds directed to their control.
Highlighted Crypto News:
Is Bitcoin Price Vulnerable to Unforeseen Bearish Trends Before the Next Bull Run?
[Image]
[Image]