Keeping Assets on Mobile: Can No-Click Exploits Take NFT and Tokens

NFT theft continues despite the slowdown of token markets, putting valuable collections in danger.
  • Rumors appeared during the New York NFT meetup that it was possible to exploit OpenSea accounts through open WiFi.
  • NFT Apes and Punks still among hot collections, targets of theft.

Rumors are circling of a new potential exploit using public WiFi or even Blue Tooth communication. Valuable NFT could be taken from users, especially if logged onto OpenSea and having an open wallet. 

The New York NFT conference is gathering thousands of collectors and enthusiasts, but several warnings were issued to think about wallet security on mobile. 

There are still no reports of theft or the exact mechanism of the exploit. Some of the attempts to steal may be disguised as private solicitations, similar to those spread from chat channels. 

NFT Top Collections Still Hold High Value

New users often access crypto assets from mobile and may have lowered defenses when it comes to looses. Unlocked wallets, 2D scanned codes or even attempts through public NFT can lead to operations with the tokens. However, it is unclear if the NFT within the wallet can be moved with a no-click exploit. 

The rumors were spread in relation to the annual NFT event in New York, runnin from June 21 to June 23. The event brings together NFT collections and founders, as well as NFT owners and buyers. The NFT phenomenon still goes strong despite signs of some slowdown, with Punks and Apes still holding top positions and having a presence on live events and social media. 

NFT resales are still active and scammers will attack precisely those top collections. In the past, Punks, Apes, Asukis, Art Blocks and other items have been stolen and quickly resold. Usually, in-game collections sold on separate marketplaces remain safer, as thieves target a resale through OpenSea.

Top collections also get exploited through copycat websites. Those sites offer mints, thus demanding the user to sign a transaction. This will give permission to a smart contract to empty the wallet. 

Copycat collections and mints have been offered for Apes, as well as for the recently popular Goblintown. The best approach is to use official mints or verified OpenSea resale offers.

Previous Post

Ni No Kuni Cross Worlds: P2E Success, but Bad Reviews from Gamers

Next Post

Web3 Projects Attract Bulk of Venture Funding

Related Posts