Corporations invested more than $6 billion in crypto industry in the last 10 months DeFi-platform Velodrome accuses crypto sleuth of stealing $350k S&P Global dropped Coinbase rating to a speculative level BitGo will seek $100 million for Galaxy Digital refusal to acquire crypto platform Brazilian crypto exchange blocked customer accounts and fired staff Celsius Network’s debts is more his assets for $2,8 billion Monero underwent a successful hard fork First acquisition agreement crypto project for $1,2 billion terminated due financial statements OpenSea allowed reselling stolen NFTs

Critical vulnerability found in Rariable NFT-marketplace

Critical vulnerability found in Rariable NFT-marketplace

In the case of exploitation, the technical vulnerability would allow attackers to steal NFTs and cryptocurrency in a single transaction.

As reported by CheckPoint IT company researchers, clients of the Rarible NFT marketplace are vulnerable to attacks via JavaScript scripts that can lead to the theft of both digital collectibles and cryptocurrency. 

According to the released information, attackers distribute links to Rarible customers pretending to be NFT tokens. When viewing the token, the scammers run JavaScript code requesting the execution of the "setApprovalForAll" function. Once the victim gives consent, attackers can steal all assets from the wallet in just one transaction. According to the researchers, Rarible management has already fixed the vulnerability.

Earlier, a similar theft scenario was reported. Back then, the victims were users of the OpenSea marketplace. During the attack, hackers stole and resold NFTs worth 200 ETH. The marketplace had to pay $2 million in compensation to customers because of the break-in.

Subscribe to our Telegram channel for the most relevant, interesting, and informative news from the crypto industry.

Is there an error in the article?
To report