Blur piyasasında bir kullanıcı, geçtiğimiz günlerde oldukça karmaşık bir kimlik avı dolandırıcılığı sonucu 240.000 dolar değerinde NFT kaybetti. Bu şok edici hırsızlık, kripto topluluğunda hızla yankı buldu ve X’te 0xQuit tarafından detaylandırıldı. Hırsızlık sırasında altı Bored Ape Yacht Club NFT’si, 40 Beanz ve üç Elemental dahil olmak üzere değerli koleksiyonlar çalındı ve neredeyse sıfır değeri olan bir wei’ye satıldı.
Anatomy of the Scam
The scam was carried out by an unidentified entity exploiting a loophole in Blur’s listing system. Solidity developer and auditor 0xQuit noted that the scammer manipulated the copyright settings of the NFTs to bypass the platform’s public accessibility requirement.
Normally, when a scammer lists an NFT at a low price, automated bots quickly purchase these listings, preventing the scammer from benefiting. However, in this case, the scammers convinced the victims to list the NFTs at a high price, ensuring all proceeds went directly to their address.
The scammers made the sale covert by setting a rule that cancels any transaction not initiated by them. This method prevents other buyers from snatching low-priced listings, ensuring the scammer’s exclusive access to the NFTs. Victims are often tricked into signing something on a phishing website promoted by an impersonator on social media, claiming to offer a free airdrop checker.
Increase in NFT Scams
This incident is part of a broader trend of increasingly common scams since NFT markets gained popularity in late 2020 and early 2021. Marketplaces and users are continually targeted by such scams, sometimes resulting in significant financial losses. For example, last month, three UK citizens were accused of orchestrating a $3 million scam involving the “Evolved Apes” NFT collection.
Despite such incidents, Blur has yet to respond to requests for comments regarding the recent phishing scam. This silence leaves many questions unanswered about the security measures in place to protect users from such sophisticated attacks.
Given the phishing scam on the Blur market, users should remain vigilant as NFT platforms are vulnerable to sophisticated attacks.