In 2022, OpenSea’s largest NFT marketplace was targeted three times by hackers. On the 19th of Feb, attackers stole hundreds of NFTs from users’ digital wallets—triggering a late-night panic among the site’s broad user base. The blockchain security firm PeckShield counted 254 tokens stolen during the attack, including tokens from Decentraland and Bored Ape Yacht Club. Most attacks took place between 5 PM and 8 PM ET. According to the blog Web3 Is Going Great, the estimated value of the stolen tokens totals $2.9 million.
Early in May, a Discord channel associated with the platform was hacked. The hackers posted a message about a fake YouTube partnership announcement that included a link to a phishing site. The hackers posted a link to a phishing site and stole less than $10 in Ethereum from several wallets.
An incident at Customer.io, the email delivery vendor for OpenSea, caused a breach of OpenSea user data on June 29th. The incident was caused by an employee misusing their access to download and share email addresses of OpenSea users and newsletter subscribers with an unauthorized external party. The company has published a notice warning users of a data breach that exposed their emails.
The latest attack on Premint is one in a series of hacks in the NFT space. The growing popularity of the NFT sector attracts hackers who try to benefit from vulnerabilities in the platform or users' imprudence. This threatens the whole industry and inhibits mainstream adoption of the NFT segment.