Zero Yuan Purchase Phishing Attack Puts the Blur NFT Market at Risk

03/07/2023 01:57 • Blockchain Briefs • 79 views

It is reported that recently, Scam Sniffer, the partner of Slow Fog Ecological Security, demonstrated a “zero yuan purchase” phishing attack test against the Blur NFT market’s batch listing signature. Through a “root signature” as shown in the figure, all NFTs authorized by the target user on the Blur platform can be fished out at a very low cost (specifically “zero yuan purchase”). The “root signature” format of the Blur platform is similar to “blind signature”, The user cannot recognize the impact of this signature. The slow fog security team verified the feasibility and harmfulness of the attack. All users of the Blur platform are hereby reminded to be vigilant. When finding “Root signature” from a non-Blur official domain name (blur. io), they must refuse it to avoid potential asset losses.

Slow fog: Be alert to the risk of “zero yuan purchase” phishing for the Blur NFT market

Analysis based on this information:

The news about a recent “zero yuan purchase” phishing attack on the Blur NFT market has raised alarm bells among users of the platform. Reports indicate that Scam Sniffer, the partner of Slow Fog Ecological Security, carried out a phishing attack test on the platform’s batch listing signature, indicating how attackers can successfully fish out all NFTs authorized by the target user on the Blur platform. This is a dangerous attack as the attackers can gain access to the user’s assets without paying anything.

The “root signature” format used by the Blur NFT market is similar to “blind signature”, where the user cannot recognize the impact of this signature, making it easier for malicious users to exploit. The Slow Fog security team has verified the feasibility and dangerousness of the attack, which calls for a word of caution for users of the platform.

It is crucial for all users of the Blur platform to remain vigilant, especially when finding “Root signature” from a non-Blur official domain name (blur. io). Users must refuse this signature to avoid any potential asset losses. This will ensure that attackers do not have any room for exploiting the platform and gain access to your assets without your knowledge.

The attack highlights a potential vulnerability on the platform, and users must take some steps to minimize the risk of falling victim to such attacks. For instance, users can activate two-factor authentication, which makes it hard for attackers to compromise their accounts. Also, ensure that you only access the platform from a trusted device with appropriate security measures in place.

In conclusion, the phishing attack on the Blur NFT market is a wake-up call to all users of the platform to remain vigilant and be aware of the potential risks of falling victim to such attacks. The platform’s managers should also take the necessary measures to improve its security posture to ensure that user assets are safe from attackers.

This article and pictures are from the Internet and do not represent aiwaka's position. If you infringe, please contact us to delete:https://www.aiwaka.com/2023/03/07/zero-yuan-purchase-phishing-attack-puts-the-blur-nft-market-at-risk/

It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.

Zero Yuan Purchase Phishing Attack Puts the Blur NFT Market at Risk

Slow fog: Be alert to the risk of “zero yuan purchase” phishing for the Blur NFT market

Recommended articles