OpenSea was NOT hacked. It was a phishing exploit that led to theft.

Just to set it straight, this specific incident had nothing to do with OpenSea’s security. It was a phishing attack originating outside of OpenSea’s website. Over thirty users have signed a malicious payload from an attacker, and some of their NFTs were stolen.

If you have an OpenSea account, your NFTs and ETH are not just draining out like a faucet. A malicious contract was sent out hidden in a disguised link. The attacker had people sign half of a valid wyvern order; the order was empty except the target (attacker contract) and calldata, attacker signs other half of order.

​

https://preview.redd.it/bp8mdx26fzi81.png?width=1290&format=png&auto=webp&s=7a38df102e6cb0c127a02c009bb917b4b4b0216a

Just so it’s clear!