- This topic has 0 replies, 1 voice, and was last updated August 10, 2023 at 4:16 pm | by .
-
A security flaw in the Rarible NFT marketplace could have allowed attackers to hijack crypto wallets and steal cryptocurrency assets by tricking users into clicking on malicious NFT links that executes arbitrary JavaScript code.
By gaining control over the victim’s wallet through a setApprovalForAll request, attackers could transfer and sell the victim’s NFTs.
The vulnerability would require users to leave Rarible.com for a third-party resource with malicious content and knowingly sign suggested transactions.
Users are advised to carefully review transaction requests and can use tools like Etherscan’s Token Approval Checker to review and revoke previous token approvals.
You can read the full article here: https://thehackernews.com/2022/04/rarible-nft-marketplace-flaw-couldve.html
- You must be logged in to reply to this topic.