How to disconnect wallet from OpenSea [ Unlink Metamask from Opensea ]

You can remove OpenSea from your 435 token balance, but this will not prevent an attacker from gaining access to your NFTs if it has direct access to your metamask wallet. This will only block access to your OpenSea account if it has been hacked.

To verify your ledger address/account with OpenSea, you must go through the same process as you did with your meta mask address/account.

 

What is a cryptocurrency wallet?

Want to start your own NFT collection but not sure where to start? You will first need a crypto wallet, which saves both your payment method and your new NFTs. You cannot purchase NFTs in OpenSea. A crypto wallet is also a tool you will use to buy NFTs.

Before we talk about portfolio options, you might want to familiarize yourself with these basic terms in NFT and Web3. Once you’re ready, let’s dive in!

However, what is a cryptocurrency wallet?

As you might have guessed, a crypto wallet is like a wallet in your wallet or wallet, but instead of carrying cash and credit cards, it uses non-fungi tokens (NFTs) such as cryptocurrency and digital tokens. Is proof. A crypto wallet allows you to send and receive NFTs without having to interact with web-based websites – which are called decentralized applications (or short for deep) – such as OpenSea.

 

How to disconnect wallet from OpenSea

Log out from your profile

You can sign in from your OpenSea account in two ways. First you need to go to the profile icon at the top left of the screen, next to Creation. In the drop-down menu, type sign.

If you have successfully signed up, you will see a confirmation message at the bottom left of the OpenSea page.

  Alternatively, you should click on the My Vault icon next to the profile. The wallet side will be revealed. Click the arrow below your profile name, as shown in the OS_Tutorials example, then click Sign.

Change your crypto wallet

The wallet sidebar is also useful for converting cryptocurrency wallets. Click on the arrow below with your profile name and select the wallet you want to change. In the example below, we switch from Metamask to Cox, to the Clatin Blockchain Vault. For example, you can switch from one Ethereum wallet to another. Coinbase Wallet from MetaMask.

 

How to Protect your Wallet on OpenSeas [ Causes & Precautions ]

Security researchers have found that an attacker could persuade an OpenSea account holder to click on harmful NFT art, leaving them with a cryptocurrency balance. With a turnover of 3. 3.4 billion, OpenSea is the world’s largest marketplace for buying, selling and auctioning non-flammable tokens (NFTs) and other digital assets and collectables.

 

Accept applications without review

The details came up today on an issue on the OpenSea platform that allowed hackers to hack user accounts and steal their respective cryptocurrency wallets. The method of attack is as simple as creating an NFT with a damaging payment and waiting to receive and see the prey.

Many consumers reported empty wallets after receiving gifts on the open sea market, a marketing tactic called “airdrop” used to promote new virtual assets. Inspired by these accounts, researchers at the cyber security company Check Post decided to take a look at how the platform works and investigate the vulnerabilities.

An OpenSea account requires a third-party cryptocurrency vault from a list supported by the platform. One of the most popular is Metamask, which was also chosen by researchers. Connecting to the wallet is for any action on the account, including liking the art in the system, which leads to the request to enter the wallet. The OpenSea platform allows anyone to sell digital artwork, which can be up to 40MB files, with each of these extensions: JPG, PNG, GIF, SVG, MP4, WEBM, MP3, WAV, OGG, GLB. , And GLTF.

Realizing this, Checkpoint uploaded an SVG image to the OpenSea system containing malicious JavaScript code. When you click on it to open a new tab, note that the file ‘storage.opensea.io’ is executed under the subdomain.

They also added an iframe to the SVG image to upload the HTML code, which will inject “window.ethereum” which is necessary to open the connection with the victim Ethereum Vault. Vault functionality is misused by the Ethereum RPC-API, which initiates a connection to the metamask and opens the Vault Connection popup.

The attacker will then ask the victim to contact the legitimate pop-up so that he can act on behalf of the victim. Investigators point out that the hacker needs another pop-up to request a signature to insert the cryptocurrency into the wallet.

However, this is not a big deal, as such requests often appear as “system notifications” and users can approve the transfer without reading the message. From the OpenSea platform to the transfer area and victims usually see it with other NFT processes, it’s easy to see how users can be victims.

 

In today’s report, the postmaster summarized the attack as follows

The hacker makes and distributes harmful NFTs to the targeted victims.

  • The victim saw a bad NFT, started popping up from the OpenSea storage domain, asked for a connection from the victim’s corrupt wallet
  • The victim clicks to add their wallet and processes the donated NFT, thus gaining access to the victim’s wallet.
  • Hackers can get funds in wallets by activating additional popups, which are sent from the OpenSea storage domain.
  • The affected person may click on the popup without reading the transfer description note.

The Post’s researchers reported their findings to OpenSea on September 26. The two sides worked together to resolve the issue, and OpenSea resolved it within hours of disclosing responsibility.

OpenSea says it has not been able to identify any cases where the attackers have taken advantage of the damage, but they have been able to raise awareness and teach the community better surveillance practices and surveillance with fraud and phishing attempts.

 

How Wallents get compromised?

We’ve recently seen an increase in users showing up to be a Telegram Group admin. The fake group admin then provides assistance to users who request it in the main channel of the legitimate group (although they are not legitimate administrators – they copy the admin profile with a slight difference in the usernames). Scammers will often talk too much about jargon to confuse you and share a link to a website that looks legitimate (because of the branding) but will eventually ask for an initial phrase or private key.

Leave a Comment