An unfortunate user has been robbed of his non-fungible tokens, worth hundreds of thousands of dollars, via a sophisticated phishing scam on the Blur marketplace.
The loss, reported by 0xExit on
Based on current floor prices for each asset, the total amount is approximately $239,676. Wei is the smallest unit of ether on the Ethereum blockchain.
The scam was orchestrated by an unknown entity, which exploited a loophole in Blur’s listing system to enable private sales, 0xQuit, a Solidity developer and auditor, said in a separate message.
Despite Blur’s standard policy of not supporting private listings, the scammer managed to manipulate the NFTs’ royalty settings, bypassing the public accessibility requirement.
If a scammer tricks someone into offering an NFT for next to nothing, automated bots usually quickly buy it by paying higher fees, leaving the scammer empty-handed.
To counter this, scammers are now tricking people into offering NFTs at high prices, with all proceeds going to the scammer’s address, according to 0xQuit.
Scammers do this by setting a rule that cancels any transaction if they don’t attempt to purchase the transaction themselves, effectively making the sale private.
The tactic ensures that only the scammer can complete the transaction, preventing others from intercepting the low-priced offers, according to 0xQuit.
Quit further explained that the scam involved getting the victim to sign something on a phishing website, usually through an impersonator account on Twitter advertising a free mint or airdrop checker.
NFT-related scams have become a constant headache for marketplaces and users after a major surge in popularity for the asset in late 2020 and early 2021.
In rare cases, this has led authorities to hunt down those who made off with millions.
Last month, three British nationals were accused of orchestrating a $3 million scam in 2021 involving the “Evolved Apes” NFT collection.
Blur did not immediately return a request for comment.