$240K in NFTs Stolen in Blur Marketplace Phishing Scam

John Darbie
Photo: Finoracle.net

$240,000 Worth of NFTs Stolen in Blur Marketplace Scam

The Risks in the NFT Space Remain High

A user recently lost $240,000 in NFTs after falling victim to a phishing scheme on the Blur Marketplace. This highlights the ongoing risks in the crypto space, especially when dealing with NFTs.

The Incident

The stolen NFTs included:

  • Three Elementals
  • 40 Beanz
  • Six Bored Ape Yacht Club NFTs

These high-value digital collectibles were listed for a mere $WEI each on the marketplace. For context, $WEI is the smallest unit of Ether, making the listing price almost zero.

How the Scam Worked

This was no ordinary scam. It exploited a loophole in Blur’s listing procedure by manipulating copyright settings of high-value NFTs. This allowed the scammer to divert proceeds to their address without raising suspicion. They used a rule to cancel existing transactions, keeping their activities hidden.

The Process

  1. Listing Manipulation: The scammer manipulated the NFTs’ royalty settings to get around Blur’s anti-private listing restriction.
  2. Private Sale Setup: This bypass allowed a private sale visible only to the scammer’s address.
  3. Phishing: By promoting a fake free NFT mint or airdrop event on social media, they lured the victim to a counterfeit website. Once there, the victim unknowingly approved a malicious transaction.

Expert Insights

Solidity developer and auditor 0xQuit provided detailed insights into the scammer's strategies. Their tactics are part of a broader trend, as seen in previous incidents. For example, in May, a scammer named PinkDrainer stole three Bored Ape Yacht Club NFTs worth about $145,000 from tatis.eth.

Conclusion

The phishing scam on Blur Marketplace underscores the high risks associated with the NFT and crypto spaces. Scammers are continuously evolving their methods to exploit system vulnerabilities and deceive users.

Stay Informed and Secure: Regularly update yourself on the latest security measures to protect your digital assets.

Share This Article
Follow:
John Darbie is a seasoned cryptocurrency analyst and writer with over 10 years of experience in the blockchain and digital assets industry. A graduate of MIT with a degree in Computer Science and Engineering, John specializes in blockchain technology, cryptocurrency markets, and decentralized finance (DeFi). His insights have been featured in leading publications such as CoinDesk, CryptoSlate, and Bitcoin Magazine. John’s articles are renowned for their thorough research, clear explanations, and practical insights, making them a reliable source of information for readers interested in cryptocurrency. He actively follows industry trends and developments, regularly participating in blockchain conferences and webinars. With a strong reputation for expertise, authoritativeness, and trustworthiness, John Darbie continues to provide high-quality content that helps individuals and businesses navigate the evolving world of digital assets.