Researchers Discover Crucial Security Flaw on Rarible NFT Marketplace

The research department of Check Point, a cyber security firm has labeled a vulnerability in the Rarible NFT platform. This could have led to many of its estimated two million active users losing their NFTs in a single transaction.

Founded in Ramat Gan, Israel in 1993, Check Point is a multinational IT security firm and also declared spotting an issue that is related to malicious airdrops on Open Sea in October last year.

Following documents shared with Cointelegraph, Check Point Research (CPR) recently found out that mischievous actors could send users a dubious link to an NFT that executes JavaScript code after clicking it; according to CPR, “it attempts to send a setApprovalForAll request to the victim.”

RELATED: Digital Sample of Steve Jobs’ application sells for $23,000 on Rarible

Once the link is clicked, the user makes their wallets accessible on Rarible. CPR mentioned that it immediately alerted Rarible on April 5th, with the platform acknowledging the security flaw as well as making moves to fix the security flaw.

While having a conversation with  Cointelegraph, Oded Vanunu, Head of Products Vulnerabilities Research at Check Point said his team gained interest in scams like this after a Taiwanese singer Jay Chou fell victim to a similar scam. His Chou Bored Ape #3738 NFT was stolen through a nefarious trade at the beginning of this month.

According to Vanunu, once they noticed that the NFT was stolen, it gave them the encouragement to make further investigations.

So far, Rarible has acknowledged the security flaw and immediately fixed it by terminating the SVG file upload option.

About Godwin

Godwin is a multi-faceted writer. He covers the latest and most significant news in the crypto industry for Newsbsc. Aside from his work here, he writes exceptional SEO optimized web contents for other websites in different sectors.

Check Also


Blockstream ceo Adam Back Said CBDCs Are Worse Than Bank Accounts

CBDCs have become a global fad with regulators. Many industry experts, though, believe these products …

Leave a Reply

Your email address will not be published.