The cryptocurrency industry endured a harsh period in 2022-23, and the total cost of attacks against the sector during this period exceeded billions of dollars. One of the most controversial attacks was those focused on OpenSea. The leading NFT trading platform OpenSea suffered multiple attacks last year, and the perpetrator of one of these attacks has been identified.
OpenSea Attacker Found
According to a new announcement by the FBI and released investigation files, the individual who attacked OpenSea has been identified as Soufiane Oulahya. Oulahya is accused of creating a copy of OpenSea and stealing multiple people’s NFTs and other cryptocurrencies. It is reported that during this incident in September 2021, Oulahya stole approximately $450,000 worth of NFTs and cryptocurrencies. The victim is reported to be a cryptocurrency investor from Manhattan. The attacker is currently being held under surveillance in his homeland, Morocco, awaiting trial.
The allegations against Oulahya shed light on what cybercriminals can do in the cryptocurrency industry. The charges include a fraud attack known as “spoofing,” in which the attacker is said to have copied OpenSea’s login page. The hacker was also able to manipulate Google search results to direct victims to his fake site. The victims, believing they were interacting with the real OpenSea, entered all their information to log in. Of course, after receiving an error message, Oulahya used the relevant information to log in to the real platform and managed to empty the entire account in a short time.
Cryptocurrency Crimes Under FBI Surveillance
US prosecutor Damian Williams stated in his comments on the matter that cryptocurrencies and NFTs could not resist cyber fraud and were defenseless against them. Christie M. Curtis, Director of the FBI New York Office, also stated that the FBI continues to investigate attacks against individuals and institutions in the US and is focused on finding criminals wherever they are.
The hacker will now be tried for cyber fraud, unauthorized device access, money laundering of $1,000 or more, and identity theft, each of which carries a severe penalty.