More

    Magic Eden Hacked With Unsavory Images and Fake NFTs

    NFTs can’t seem to take a break from the ongoing scams and hacks that target the Web3 space. Solana’s largest NFT marketplace, Magic Eden, was recently exploited by scammers that listed fake NFTs, tricking buyers into believing that they’re original. Not only that but the third-party image provider that hosts Magic Eden’s NFT images was also compromised, leaving some questionable pictures in place of regular NFTs. Magic Eden getting hacked so easily raises some questions about the security of the platform. Is the NFT marketplace that vulnerable in face of attacks? 

    Magic Eden Hacked by Fake NFT Listings

    A couple of months ago, scammers hacked the popular Solana NFT marketplace Magic Eden by listing fake NFT collections on the platform. The scammers targeted popular NFT collections such as Y00ts, selling fake versions of the NFTs for hundreds of dollars. 

    The fake listings were luckily exposed shortly by NFT creators that warned people on Twitter about the Magic Eden exploit. 

    The fake listings began with a fake ABC collection which traders bought thinking they were real. Magic Eden quickly tweeted about the problem, claiming that it added more verification layers per collection to resolve the issue. However, creators disputed the marketplace’s claim, as more fake listings kept emerging on the platform. 

    Magic Eden would then tweet an update “ Please hard refresh your browsers to make sure you are only seeing verified collection items. We’re monitoring the situation & will use this thread for updates. Earlier today, we resolved the root issue but believe users who didn’t hard refresh their browsers still saw unverified NFTs on collection & activity pages.” 

    The marketplace later identified the source issue as a glitch in a UI update that allowed scammers to list fake NFTs. “The technical explanation is that our activity indexer for these two tools did not check that the creator address is verified. Magic Eden’s smart contract remains secure, and this incident was an isolated UI issue.” 

    NSFW: Unsavory NFT Images

    Another glitch fell upon Magic Eden where traders encountered a weird situation when using the platform. The Solana marketplace displayed pornographic images and stills from the TV sitcom “The Big Bang Theory” instead of NFT images when loading the page. 

    Friends My Eyes My Eyes GIF - Friends My Eyes My Eyes My Eyes - Discover & Share GIFs

    Many users speculated that Magic Eden itself has been hacked, however, the marketplace rushed to clarify that the issue comes from its third-party image hosting provider. Magic Eden further assured its users that their NFTs were unaffected by the unsavory images. 

    Magic Eden urged its users to do a “hard refresh” before accessing the platform to avoid encountering the problem. The marketplace however did not reveal the name of the image hosting provider. 

    Is It That Easy to Hack a Marketplace? 

    Well, yes and no. We should keep in mind that an NFT marketplace is still a regular Web2 browser with a central HTTP server. Hacking a marketplace is as easy as hacking any other website. However, hacking a marketplace doesn’t compromise the NFTs themselves that live on an immutable blockchain. Traders should keep checking whether the NFT in question is the real deal or whether it’s fake. 

    In addition, image hosting services that are not based on a peer-to-peer system like IPFS are easily hackable. That’s because their servers are too central for attackers to find a weak point. In fact, even decentral storages like IPFS don’t guarantee that an NFT image will be secure enough against attacks. 

    Again, if an NFT image disappeared, that doesn’t mean that the token itself on the blockchain disappeared. It just means that the image the token redirects you moved or another image replaced it. Here come other major questions, how permanent are NFTs? And is their value only reside in their digital metadata? 

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here

    Stay in the Loop

    Stay in the loop with blockchain Witcher and get the lastest updates!

     

    Latest stories

    You might also like...