Major NFT marketplace OpenSea, which said it fell victim to a phishing attack over the weekend, has narrowed down the list of impacted individuals from the initial assumption of 32 to 17. However, the platform said it still hasn’t determined the exact source of the issue.
“Our original count included anyone who had *interacted* with the attacker, rather than those who were victims of the phishing attack,” the company said on Monday morning (UTC). It also noted that the “attack does not appear to be active at this time” and “there has been no activity on the malicious contract in >15 hours.”
Earlier, OpenSea had said that this “appears to be a phishing attack” originating outside of its website.
However, not everyone was convinced that it was a phishing attack.
Nadav Hollander, Chief Technology Officer of OpenSea, has also argued that the impacted users must have approved a malicious contract. “All of the malicious orders contain valid signatures from the affected users, indicating that they did sign an order somewhere, at some point in time,” he said.
While some argued that the issue might have been with the migration, Hollander said that the malicious orders “were signed before the migration and are unlikely to be related to OpenSea’s migration flow.”
In either case, according to Ryan Selkis, Founder & CEO of crypto analysis firm Messari, OpenSea users learned a valuable lesson about self-custody and digital signatures.
“One that will be helpful if they ever need to secure digital assets and exit a hostile country,” Selkis said, adding that for those in crypto, self-reliance is integral to the products they use, and they are “rewarded for risks with higher upside.”