Risks abound in the crypto space, particularly when working with NFTs. A recent event on the Blur Marketplace brought these risks to light. A user lost $240,000 in NFTs after falling for a phishing scheme. A source on X(Twitter) revealed this information.

Three Elementals, 40 Beanz, and six Bored Ape Yacht Club NFTs were the targets of the fraud. The stolen NFTs were then listed for just one $WEI each on the marketplace. For context, $WEI is the smallest unit of ether, making the listing price almost zero.

How the Scam Worked

This scam was sophisticated. It took advantage of a loophole in Blur’s listing procedure. The scammer manipulated the copyright settings of high-value NFTs. This diversion of proceeds to their address allowed them to profit from the scam. They used a rule that canceled existing transactions to keep their activities hidden.

The owner was unaware that the scammer had listed the NFTs. In essence, this got around the platform’s security measures. Through manipulation of the NFTs’ royalty settings, the scammer circumvented the platform’s anti-private listing restriction. They were able to establish a private sale as a result, making sure that the transaction could only be completed by their address.

PinkDrainer's fraud in May

Solidity developer and auditor 0xQuit shed light on the scammer’s strategies. Using the bait-and-switch technique, the fraud lured the victim in by promising a free NFT mint or airdrop event that was promoted on social media. The user unknowingly approved a transaction on a phony website after being tricked by scammers.

This incident does not stand alone. Coinfomania reported a similar phishing scam in May, where a scammer named PinkDrainer ‘drained’ the user tatis.eth of three Bored Ape Yacht Club NFTs worth about $145,000. This shows a concerning trend of sophisticated scams in the NFT space.

Final Thoughts

The recent phishing scam on Blur Marketplace highlights the risks in the crypto and NFT spaces. Scammers are continually finding new ways to exploit system loopholes and deceive users. You should regularly stay informed and take security measures, this is crucial to safeguarding digital assets.

 

Read the full article here

Share.
Leave A Reply

Exit mobile version