NFT: Could you have lost everything because of this critical error? Back to the rare failure

A danger to your NFTs – Rarible is a platform for buying and selling NFT. It attracts more than a thousand users every month and recorded $ 270 million in volume in 2021. However, this success could have become sour after the presence of a critical vulnerability on the platform.

Critical Vulnerability on Rarible

Last week came the cyber security company checkpoint published a report on a vulnerability detected on the Rarible platform.

It all started after an attack on Taiwanese singer Jay Chou. In fact, he had his BoredApe # 3738 stolen as part of a fraudulent transaction.

This episode prompted Check Point to investigate the matter. For once, the theft of the NFT could be carried out because Jay Chou had signed on to one transaction that provides access to its NFTs.

In practice, this signed a transaction that performs the function setAuthorizationForEveryone. This allows you to define access permissions for tokens or NFTs. Usually it is widely used by platforms like Rarible to make token sales.

However, many attackers manage to sign one setAuthorizationForEveryone to their victims. This later allows them to gain control of their NFTs. Usually, attackers use phishing techniques to trick their victims. This was recently the case at OpenSea. In the Rarible setting, the attack was much more sophisticated.

>> Afraid to get your wallet hacked? Prioritize security and sign up for Swissborg! (linked link) <

When NFTs lead the attack

While conducting their investigation, the Check Point teams attempted various manipulations before discovering a critical vulnerability on Rarible.

Rarible thus allows its users to upload different types of files with PNG, GIF, SVG, MP4, WEBM or MP3 extensions.

Check Point, however, realized that was it possible to embed JavaScript code in SVG images. Once the image is placed on Rarible, the malicious code embedded in the image just has to wait for its victims.

“If you click on the art and open it in another tab, or click on the IPFS link in the drop-down list, the JavaScript code will be executed. »

checkpoint

In practice, the code retrieves the list of NFTs that the user has. Subsequently, it will loop on these NFTs and send type transactions setAuthorizationForEveryone for collections considered interesting by the attacker.

For him, the user will be notified of a pending transaction. Unfortunately, if the user has the misfortune to sign this transaction mechanically, it seals the fate of his NFTs and allows the attacker to take control of them.

Rarely, only victim?

Clearly, the Check Point teams quickly shared their results with those from Rarible. This was followed by the release of a patch to correct the vulnerability.

Although there is no estimate of the extent that this vulnerability could have taken in the form of losses, Check Point emphasizes that it could have affected any Rarible user.

In addition, Check Point does not rule out the possibility that such a vulnerability may exist present on other NFT sales platforms.

Faced with this threat, Check Point is reminiscent of some best ways to protect against this type of attack:

  • Carefully examine each signature request from your wallet;
  • If in doubt, reject the request to take the time to investigate further;
  • Frequently revoke your wallet approvals through the Etherscan interface.

Earlier in the year, a first vulnerability was discovered on OpenSea. This had led to the loss of several hundred NFTs whose total value exceeded 300 ETH.

On Rarible, as on other DeFi platforms, you need to be careful and apply good security practices. If this scares you, choose exchanges that have proven themselves. Sign up with Swissborg and enjoy a unique bonus of up to € 200 in cryptocurrencies (linked link, for a minimum deposit of € 50)!

Leave a Comment