TRENDING NOW: NASA's new James Webb Space Telescope photographs UFOs

World's largest NFT marketplace warns users of an insider hack

The world's largest Non-Fungible Token (NFT) marketplace has warned its users of an insider hack that may lead to coming scams.

Published Jul 2, 2022 4:19 AM CDT   |   Updated Mon, Jul 25 2022 9:33 PM CDT

OpenSea has warned its users that they may be at risk to a scammer that has hacked the company from the inside.

World's largest NFT marketplace warns users of an insider hack 01 |

The world's largest NFT marketplace has taken to its blog to announce that an employee at, which is the company's email vendor, used their employee access to download and share email addresses from OpenSea users, along with any subscribers to the OpenSea newsletter. OpenSea has stated that an investigation has been launched into the matter and that law enforcement has already been contacted regarding the hack.

Since the hack was predominately email address-targeted, users should be very careful about being contacted via email by anyone who is stating they are an OpenSea employee. The NFT platform explains that the email address malicious actors will use will look very similar to the official email domain - 'official email address domain = "". The platform stresses in its safety and recommendations that it will only ever contact users from the domain "" and that any other variation of the email is illegitimate.

World's largest NFT marketplace warns users of an insider hack 02 |

Furthermore, OpenSea recommends that users never download anything from an OpenSea email, as authentic OpenSea emails will never contain anything that is downloadable or any attachment files. While it may be obvious to some, never share any secret wallet phrases or passwords with anyone, even if they are saying they are an OpenSea employee.

"The disclosure of the email list certainly gives the attacker a solid base of active individuals from which to attempt to steal their NFTs and, likely, distribute malware. Individuals and companies who receive emails from OpenSea about new and ongoing activities should instead conduct these manually through the website," warns Karl Steinkamp, the director at Coalfire.

Notably, users should never sign a wallet transaction via email. OpenSea states that its official emails will never contain links that prompt users to sign a wallet transaction. Stephen Banda, a senior manager at Lookout, a cybersecurity company, said that the internal hack was likely financially motivated as there is a very lucrative market for user data, especially cryptocurrency-based user data.

"There is a lucrative market for stolen information and credentials. In this case, 2 million email addresses of customers of the world's biggest marketplace for NFTs will be highly attractive to bad actors looking to launch broad phishing attacks," said Banda.

In other NFT news, the market has seemingly taken a sharp dive off a cliff, with even extremely popular projects such as Bored Apes being down as much as 30% in just 30 days.

Buy at Amazon

NASA Actually It Is Rocket Science T-Shirt

TodayYesterday7 days ago30 days ago
* Prices last scanned on 8/12/2022 at 2:25 am CDT - prices may not be accurate, click links above for the latest price. We may earn an affiliate commission.

Jak joined the TweakTown team in 2017 and has since reviewed 100s of new tech products and kept us informed daily on the latest science and space news. Jak's love for science, space, and technology, and, more specifically, PC gaming, began at 10 years old. It was the day his dad showed him how to play Age of Empires on an old Compaq PC. Ever since that day, Jak fell in love with games and the progression of the technology industry in all its forms. Instead of typical FPS, Jak holds a very special spot in his heart for RTS games.

Newsletter Subscription

Related Tags

Newsletter Subscription
Latest News
View More News
Latest Reviews
View More Reviews
Latest Articles
View More Articles