$240,000 worth of NFTs were stolen in a sophisticated phishing scam on Blur marketplace.
The scammer used a loophole in Blur’s system to conduct private sales against platform rules.
In a concerning development for the crypto community, an adept scammer has executed a phishing scam on the Blur marketplace, making off with non-fungible tokens (NFTs) valued at approximately $239,676.
The victim, known as 0xQuit on X (formerly Twitter), reported the theft. That involved six Bored Ape Yacht Club NFTs, 40 Beanz, and three Elementals, all sold for a nominal price of one wei each—a fraction of a cent.
The scammer exploited a loophole in Blur’s listing system to smooth private sales, despite the platform’s usual restrictions against such transactions. By manipulating the royalty settings, the attacker avoided the requirement for public accessibility, enabling private sales.
If the stolen NFTs were listed at practically zero value, automated bots typically intercept such listings by paying higher fees. This leaves the scammer with nothing, despite the platform’s policy against such transactions.
However, in this instance, the scammers are deceiving people into listing NFTs at high prices. That redirects all proceeds to the scammer’s address, as per 0xQuit. Also, the scammer set up a rule that would cancel any transaction unless it initiated by them. That effectively ensured that the sale remained private and that they received the proceeds.
Highlighted Crypto News
Is Bitcoin Price Facing Unforeseen Bearish Trends Before the Bull Run?