Security companies: hackers or use Blur signature vulnerabilities to steal NFT
It is reported that the Web3 security company Pocket Universe issued a warning on social media that hackers may steal NFT by using the Blur signature vulnerability. This scam will use the forged signature request to exhaust the NFT of users’ wallets. Its operation mode is to induce the victim to sign a transaction of “selling NFT in bulk at 0 ETH price”. However, there is always a message in the Blur batch list that is unreadable, As a result, users do not know what they are signing and the message cannot be translated, which will make it easier for hackers to gain access and make it more difficult to identify malicious requests from hackers. Pocket Universe said that it has provided a security solution, that is, to mark transactions that are not from the official Blur website. However, in the first cases, hackers have been found to have stolen 5 ETHs in a signed transaction.
Interpretation of this information:
The Web3 security company Pocket Universe has issued a warning on social media regarding hackers who have discovered a new way to steal NFTs. The method they use is called the Blur signature vulnerability, which allows them to forge a signature request and exhaust the NFT stored in the user’s wallet. To do this, the hackers induce the victim to sign a transaction of “selling NFT in bulk at 0 ETH price”. Unfortunately, the message in the Blur batch list is unreadable, making it difficult for users to know what they are signing. This vulnerability enables hackers to access and drain the wallets of their victims while remaining undetected as the malicious transaction cannot be identified. Pocket Universe has offered a solution to combat this vulnerability by marking all transactions not originating from the official Blur website. However, hackers have already managed to steal 5 ETH in a signed transaction in the first cases.
The three main points of this message are:
1. Hackers have discovered a new way to steal NFTs using the Blur signature vulnerability.
2. The vulnerability allows hackers to exhaust the NFT’s stored in the victim’s wallet by forging a signature request and inducing the victim to sign a transaction that is unreadable.
3. Pocket Universe has provided a security solution to mark all transactions that do not originate from the official Blur website, but hackers have already stolen five ETH in a signed transaction.
This article and pictures are from the Internet and do not represent 96Coin's position. If you infringe, please contact us to delete:https://www.96coin.com/42064.html
It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.