Another major NFT market may have a serious security flaw

A potentially major security flaw has been discovered in Rarible, a popular marketplace for non-fungible tokens (NFTs), which could lead to users losing not only their NFTs, but also crypto directly from their wallets.

A Check Point Research (CPR) report identified a vulnerability that would allow a potential attacker to steal someone's digital assets in a single transaction. Worse, everything would happen within the marketplace itself, a place where people are generally less suspicious.

According to the CPR report, the methodology is simple and includes the creation of a "malicious NFT." If someone stumbled across it and clicked on it, the malicious NFT would execute JavaScript code to try to send a setApprovalForAll request to the victim.

malicious NFTs

Should the victim send the request, it will grant the malicious NFT full access to their endpoint.
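As an added illustration (not code from the CPR report or from Rarible), the sketch below shows how a wallet-side check could recognise the setApprovalForAll request described above before the user signs it. The allowlist, the addresses and the function names are assumptions constructed for this example.

```javascript
// Added example: flag ERC-721/ERC-1155 setApprovalForAll calls in raw calldata.
const SET_APPROVAL_FOR_ALL = "a22cb465"; // selector of setApprovalForAll(address,bool)

// Hypothetical allowlist of operators the user already trusts (constructed value).
const TRUSTED_OPERATORS = new Set(["0x1111111111111111111111111111111111111111"]);

function inspectCalldata(calldata) {
  const hex = String(calldata).toLowerCase().replace(/^0x/, "");
  if (hex.length < 8 || !/^[0-9a-f]+$/.test(hex)) return { verdict: "unparseable" };
  if (hex.slice(0, 8) !== SET_APPROVAL_FOR_ALL) return { verdict: "other-call" };
  // Two 32-byte ABI words must follow the selector: operator, then approved.
  if (hex.length < 8 + 128) return { verdict: "malformed-approval" };
  // The address is the low 20 bytes of the first word.
  const operator = "0x" + hex.slice(8 + 24, 8 + 64);
  // Be conservative: treat any non-zero second word as "approved = true".
  const approved = /[1-9a-f]/.test(hex.slice(72, 136));
  if (!approved) return { verdict: "revocation", operator, approved };
  const verdict = TRUSTED_OPERATORS.has(operator)
    ? "trusted-approval"
    : "warn-unknown-operator"; // collection-wide access for an unknown party
  return { verdict, operator, approved };
}

// Helper used only to build constructed sample requests for the demo.
function encodeApproval(operator, approved) {
  return "0x" + SET_APPROVAL_FOR_ALL +
    operator.slice(2).toLowerCase().padStart(64, "0") +
    (approved ? "1" : "0").padStart(64, "0");
}

// Constructed samples: an unknown operator, a trusted one, and a revocation.
const UNKNOWN = "0x2222222222222222222222222222222222222222";
const TRUSTED = "0x1111111111111111111111111111111111111111";
for (const [label, data] of [
  ["unknown operator", encodeApproval(UNKNOWN, true)],
  ["trusted operator", encodeApproval(TRUSTED, true)],
  ["revocation", encodeApproval(UNKNOWN, false)],
]) {
  console.log(label, "->", inspectCalldata(data).verdict);
}
```

A wallet or browser extension could surface the "warn-unknown-operator" verdict as a blocking prompt, since a single such approval covers every token the user holds in that collection.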

“In October of last year, we discovered critical security vulnerabilities in OpenSea, the world's largest NFT marketplace. We have now identified similar vulnerabilities in Rarible,” said Oded Vanunu, Head of Product Vulnerability Research at Check Point Software.

“In terms of security, there is still a big gap between Web2 and Web3 infrastructures. Any small vulnerability opens a backdoor for cybercriminals to hijack crypto wallets behind the scenes. We are still in a state where markets that combine Web3 protocols lack strong security practice. The implications that follow a crypto hack can be extreme. We have seen millions of dollars siphoned from users of markets that combine blockchain technologies.”

Last year, Rarible had a trading volume of over €273 million, making it one of the largest NFT markets on the planet.

Check Point informed the marketplace of its discovery, saying that it "believes that Rarible will have a fix in place by the time of this publication." We've reached out to Rarible to see if that's actually the case, and will update the article accordingly.

However, since it's the Easter weekend, it could be a few days before we hear from Rarible.

“Currently, users have to manage two types of wallets: one for most of their cryptocurrencies and one for specific transactions only,” Vanunu continued.

"If the wallet for specific transactions is compromised, users may still be in a position where they don't lose everything."