A dangerous vulnerability in Rarible, a non-fungible token (NFT) marketplace, has been discovered and patched. The flaw was serious enough that a successful attack could have cost some users all of their NFTs. Investigations indicate that the attack relied on a malicious NFT hosted on the Rarible marketplace itself.
According to Cointelegraph, the research arm of the cybersecurity software company Check Point has announced that it identified a vulnerability in the Rarible NFT marketplace that put the assets of the market's 2 million monthly active users at risk, making it possible for a user to lose all of their NFTs in a single transaction.
Check Point is a multinational information technology security company founded in 1993. The company says that in October 2021 (Mehr 1400) it had also identified vulnerabilities in the OpenSea NFT marketplace.
According to Check Point’s experts, attackers would send users a link to a malicious NFT. When the user opens the link, JavaScript code embedded in the NFT executes and attempts to send a setApprovalForAll request to the victim; if the victim confirms it, control of their wallet on the Rarible platform passes into the hands of the thieves.
According to Check Point’s statement, Rarible was alerted to the vulnerability immediately, on April 5 (16 Farvardin), and the platform promptly acknowledged and fixed the security flaw.
Had attackers exploited this vulnerability, they could have taken full control of users’ wallets and stolen their NFTs in a single transaction. Because the attack could be delivered through a malicious NFT listed on the marketplace itself, users would have had little reason to be suspicious.
NFT theft
Oded Vanunu, head of product vulnerability research at Check Point, said he and his team became interested in tracking these types of scams after Taiwanese singer Jay Chou fell victim: his Bored Ape token number 3738 was stolen through a malicious transaction. That theft increased the motivation of Vanunu and his team to investigate these vulnerabilities. According to him, this kind of abuse can also happen on many other platforms.
Rarible quickly confirmed the security flaw and fixed it by removing the “SVG” file upload option, thus thwarting the malicious-NFT attack.
Vanunu declined to estimate the potential value of thefts that could have occurred through this security flaw, because the attack could have hit any user of the platform. Notably, a similar attack on a single wallet owned by DeFiance Capital founder Arthur0x last month resulted in the loss of approximately 600 Ether (equivalent to $1.86 million).
The security firm advised users of NFT trading platforms to be careful when confirming requests and, when unsure, to verify all of them through the Etherscan request tracker.
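The attack described above works only if the victim signs a setApprovalForAll(operator, true) transaction, and the firm's advice amounts to reading what you are about to sign. As an added example that is not part of the article and not Rarible's or Check Point's code, the JavaScript below decodes the calldata of a transaction request the way a wallet could before prompting for a signature, and flags a blanket operator approval to an address it does not already trust. The two function selectors are the standard published values for the ERC-721/ERC-1155 functions; the operator address and the trusted-operator list are constructed placeholders.

```javascript
// Added example, not part of the article or of Rarible's code: a wallet-side
// pre-signing check that decodes a transaction's calldata and flags the
// ERC-721/ERC-1155 setApprovalForAll(operator, true) call that the malicious
// NFT described above tried to get victims to sign.

// 4-byte function selectors (first 4 bytes of keccak256 of the signature).
// These are the standard, published values for the ERC-721/ERC-1155 functions.
const SELECTORS = {
  "a22cb465": "setApprovalForAll(address,bool)",
  "095ea7b3": "approve(address,uint256)",
};

// Normalise "0x..." hex input to lowercase without the prefix.
function stripHex(hex) {
  return hex.toLowerCase().replace(/^0x/, "");
}

// Return the i-th 32-byte ABI word (64 hex chars) after the 4-byte selector.
function abiWord(data, i) {
  const start = 8 + i * 64;
  const word = data.slice(start, start + 64);
  if (word.length !== 64) throw new Error("calldata too short for argument " + i);
  return word;
}

// Build setApprovalForAll calldata the way a marketplace front end would,
// so the decoder can be exercised on both the grant and the revoke case.
function encodeSetApprovalForAll(operator, approved) {
  const addr = stripHex(operator).padStart(64, "0");
  const flag = (approved ? "1" : "0").padStart(64, "0");
  return "0xa22cb465" + addr + flag;
}

// Classify a transaction request before the user signs it.
// trustedOperators: marketplace contract addresses the wallet already knows.
function inspectCalldata(calldata, trustedOperators = []) {
  const data = stripHex(calldata || "");
  if (data.length < 8) {
    return { risk: "none", reason: "no function call (plain value transfer or empty data)" };
  }
  const selector = data.slice(0, 8);
  const fn = SELECTORS[selector];

  if (fn === "setApprovalForAll(address,bool)") {
    const operator = "0x" + abiWord(data, 0).slice(24); // address = last 20 bytes of the word
    const approved = BigInt("0x" + abiWord(data, 1)) !== 0n;
    if (!approved) {
      return { risk: "low", fn, operator, approved, reason: "revokes an operator approval" };
    }
    const trusted = trustedOperators.map(stripHex).includes(stripHex(operator));
    return {
      risk: trusted ? "medium" : "high",
      fn, operator, approved,
      reason: trusted
        ? "grants blanket transfer rights to a known marketplace contract"
        : "grants an unknown address the right to move every token you hold in this collection",
    };
  }

  if (fn === "approve(address,uint256)") {
    const spender = "0x" + abiWord(data, 0).slice(24);
    const tokenId = BigInt("0x" + abiWord(data, 1)).toString();
    return { risk: "medium", fn, spender, tokenId, reason: "approves transfer of one token id only" };
  }

  return { risk: "unknown", selector: "0x" + selector, reason: "selector not in the known list; decode it before signing" };
}

// Constructed sample: a placeholder operator address standing in for an attacker-controlled one.
const SAMPLE_OPERATOR = "0xdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef";
const SAMPLE_REQUEST = encodeSetApprovalForAll(SAMPLE_OPERATOR, true);

console.log(inspectCalldata(SAMPLE_REQUEST));
// → risk: "high" (unknown operator, approved = true)
```

The point of the check is the difference between approve, which covers one token id, and setApprovalForAll, which hands an operator every token of that collection the user holds now or later; a wallet that surfaces that distinction, and the operator address, gives the user something concrete to compare against Etherscan before confirming.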
RCO NEWS