The research department of cyber security firm Check Point has flagged a vulnerability in the Rarible NFT platform that could have led to many of its estimated two million active users losing their NFTs in a single transaction.
Founded in Ramat Gan, Israel in 1993, Check Point is a multinational IT security firm. It also reported spotting an issue related to malicious airdrops on OpenSea in October last year.
According to documents shared with Cointelegraph, Check Point Research (CPR) recently found that malicious actors could send users a dubious link to an NFT that executes JavaScript code once it is clicked; according to CPR, “it attempts to send a setApprovalForAll request to the victim.”
Once the link is clicked, the user makes their wallets accessible on Rarible. CPR said it immediately alerted Rarible on April 5th, and the platform acknowledged the security flaw and moved to fix it.
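The request named above can be recognized before it is signed. The following is an added example, not code from CPR, Rarible or any wallet: it decodes transaction calldata and blocks a `setApprovalForAll` grant to an operator that is not on an allowlist. The function names, the lowercase allowlist and the sample addresses are assumptions constructed for illustration.

```javascript
// Added example: flag setApprovalForAll signing requests (hypothetical wallet-side check).
// 0xa22cb465 is the 4-byte selector of setApprovalForAll(address,bool).
const SET_APPROVAL_FOR_ALL = "a22cb465";

// Classify raw transaction calldata given as a hex string.
function inspectCalldata(data) {
  const hex = String(data).toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]*$/.test(hex)) return { kind: "unparseable" };
  if (hex.slice(0, 8) !== SET_APPROVAL_FOR_ALL) return { kind: "other" };
  // Two 32-byte ABI words follow the selector: operator address, approved flag.
  const args = hex.slice(8);
  if (args.length < 128) return { kind: "malformed-approval" };
  const operator = "0x" + args.slice(24, 64); // address is the low 20 bytes
  // Treat any non-zero flag as a grant, the conservative reading.
  const approved = /[1-9a-f]/.test(args.slice(64, 128));
  return { kind: approved ? "grant-all" : "revoke-all", operator };
}

// Decide whether a signing request may proceed without an explicit warning.
function reviewRequest(tx, trustedOperators) {
  const info = inspectCalldata(tx.data);
  if (info.kind === "other") return { allow: true, reason: "not an approval-for-all call" };
  if (info.kind === "revoke-all") return { allow: true, reason: "revokes " + info.operator };
  if (info.kind === "grant-all" && trustedOperators.has(info.operator)) {
    return { allow: true, reason: "operator is on the allowlist" };
  }
  if (info.kind === "grant-all") {
    return { allow: false,
      reason: info.operator + " would control every token of collection " + tx.to };
  }
  return { allow: false, reason: "calldata could not be decoded: " + info.kind };
}

// Constructed sample values, not real addresses.
const COLLECTION = "0x" + "22".repeat(20);
const UNKNOWN_OPERATOR = "0x" + "11".repeat(20);
const pad = (h) => h.replace(/^0x/, "").padStart(64, "0");
const grant = "0x" + SET_APPROVAL_FOR_ALL + pad(UNKNOWN_OPERATOR) + pad("1");
const revoke = "0x" + SET_APPROVAL_FOR_ALL + pad(UNKNOWN_OPERATOR) + pad("0");

console.log(reviewRequest({ to: COLLECTION, data: grant }, new Set()));
console.log(reviewRequest({ to: COLLECTION, data: revoke }, new Set()));
```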
Speaking with Cointelegraph, Oded Vanunu, Head of Products Vulnerabilities Research at Check Point, said his team became interested in scams like this after Taiwanese singer Jay Chou fell victim to a similar scam. Chou's Bored Ape #3738 NFT was stolen through a nefarious trade at the beginning of this month.
According to Vanunu, noticing that the NFT had been stolen encouraged them to investigate further.
Rarible has since acknowledged the security flaw and immediately fixed it by disabling the SVG file upload option.